Case Study > Case #3: Cyber Breach at Target

Document Content and Description Below

Case #3: Cyber Breach at Target Case Summary: In 1961, Target was founded by Douglas Dayton and created to combine the best of the fashion world with the best of the discount world; a quality sto... re with quality merchandise and a discounted store all in one. His vision for Target was to provide consumers with an affordable yet high quality products while maintaining a fun experience. This vision lived up to its name for quite some time- in the third quarter 2013 Target has amassed revenues of over 72 billion, reflected a 2.8% compound annual growth rate over the previous five years, had 1,919 stores and around 80,000 SKU’s, but this picture perfect brand image came crashing down in September of that year. Hackers from an unknown location initiated a phishing campaign within one of Target’s eternal heating ventilation providers, Fazio Mechanical Services. Information about Target’s vendors was publically available and hackers saw that Fazio was using a free malware detection software that was actually a free version of a security protocol whose license explicitly said it wasn’t for enterprise use. The hackers saw this opportunity as a huge loophole to get into Fazio’s system. At this point in September, Target’s security team began identifying vulnerabilities in their payment card systems and cash registers, but they weren't brought to the attention of executives and dismissed accordingly. 1. What’s your diagnosis of the breach at Target- was Target particularly vulnerable or simply unlucky? 2. What, if anything, might Target have done better to avoid being breached? What technical or organizational constraints might have prevented them from taking such actions? 3. What’s your assessment of Target’s post-breach response? What did Target do well? What did they do poorly? 4. To what extent is Target’s board of directors accountable for the breach and its consequences? As a member of the Target board, what would you do in the wake of the breach? What changes would you advocate? Works Cited Srinivasam, Suraj, et al. “Cyber Breach at Target.” Harvard Business School, 10 Jan. 2019. Temin, Davia. “Target's Worst PR Nightmare: 7 Lessons From Target's Well-Meant But Flawed Crisis Response.” Forbes, Forbes Magazine, 31 Dec. 2013, www.forbes.com/sites/daviatemin/2013/12/30/targets-worst-pr-nightmare-7-lessons-from-targets-well-meant-but-flawed-crisis-response/#5dab648943cf. [Show More]

Last updated: 1 year ago

Preview 1 out of 9 pages