Target Data Breach Puts Consumer Privacy on Senate Agenda

Source: Kevin Dooley / Flickr

The massive data breach that compromised as many as 40 million customer credit and debit cards and the personal data of another 70 million Target (NYSE:TGT) shoppers at the end of last year will catapult the retailer’s chief finance officer, John Mulligan, in front of the U.S. Senate Judiciary Committee on February 4 to discuss “privacy in the digital age,” with particular emphasis on “preventing data breaches and combating cybercrime.” It is expected this appearance will be the first time the company answers questions about the cyber attack, and lawmakers want to know how consumers were affected by the data breach and determine what tactics retailers can employ in the future to protect themselves from such damaging invasions.

In addition, the commerce, manufacturing, and trade subcommittee of the House of Representative’s Committee on Energy and Commerce will also be conducting a hearing of its own on February 3.

While Target has not detailed how the security of its network was breached and important data siphoned away, investigators believe the hackers installed Memory parser malware on cash registers or servers to extract encrypted magnetic-stripe data as it moves through the live memory of the computer, where it appears in plain text. Credit-card company Visa (NYSE:V) issued two warnings last year about the increase in cyber attacks, but it is unclear whether Target implemented the recommended protection measures.

However, a law enforcement source did inform Reuters last week that such security measures Visa outlined may not have been enough. The United States Secret Service, which has jurisdiction over credit-card fraud, is investigating several recent incidents.