Target warned about detected malware ahead of breach

A  team of internal Target US security experts, armed with a malware detection tool made by FireEye, alerted company officials about a possible data breach on November 30, but they failed to respond to the warning signs, according to a media report on Thursday.

The security specialists in Bangalore, India, were monitoring computer logs found FireEye's alerts from November 30 and notified Target officials in Minneapolis, Bloomberg Businessweek reported. They also found more alerts from December 2, when more malware surfaced.

Such warnings, if heeded, could have cut short the massive data breach that affected millions of customers who shopped at the US's No. 3 retailer between November 27 and December 18 - the height of the US holiday shopping season.

Some 40 million credit and debit card records were stolen from the retailer, along with 70 million other records with customer information such as addresses and telephone numbers.

Congress is investigating the breach along with lapses that surfaced at other retailers, and credit card companies are pushing for better security.

Shares in Target took a hit after news of the security lapse surfaced in mid-December but recovered after the company offered assurances last month. Its shares were largely unchanged in pre-market trading on the New York Stock Exchange on Thursday.

Bloomberg, citing a source who has consulted on the Target investigation, said hackers deployed a custom-made code on November 30 that triggered a FireEye alert for the malware, including details on the servers where stolen data was to be delivered.

The security system's automatic function to delete such malware was turned off by Target's security team, the report said, citing two people who audited FireEye's role after the breach.

Target CEO Gregg Steinhafel, in a statement to Bloomberg, said the retailer was still reviewing its "people, processes and technology" in the wake of the breach. Target executives had previously told Congress they knew nothing of the vulnerability prior to the breach.

"As the investigation is not complete, we don't believe it's constructive to engage in speculation without the benefit of the final analysis," Steinhafel wrote, according to the report.

He said the company had "already taken significant steps." Target earlier this month said it was overhauling its information security practices.

Representatives for Target and FireEye could not immediately be reached to comment on the report.