(NEWSER) – If only Target had top-notch security software in place to prevent last year's disastrous hack. Oh wait, it did. In fact, a report by Businessweek/Bloomberg says the software was essentially screaming that something was amiss well in advance of any actual theft of customers' credit card data. Target had plenty of time to react—but did nothing. The $1.6 million software program from security firm FireEye detected the installation of malware on Nov. 30 and multiple times afterward, before hackers started stealing data, but the urgent alerts went unheeded.
Why didn't the software kill the malware on its own?
- "The system has an option to automatically delete malware as it's detected. But according to two people who audited FireEye's performance after the breach, Target's security team turned that function off," says the story, which follows a two-month investigation. "It's possible that FireEye was still viewed with some skepticism by its minders at the time of the hack ..."