US FBI Warns Retailers of Further Cyber Attacks Similar to Target Data Breach

The US Federal Bureau of Investigation (FBI) has warned the country's retailers of further cyber attacks following the massive data breach at Target Corp, the third largest retailer in the country.

The FBI issued a confidential report last week to retailers detailing risks of a malware that affects point-of-sale systems such as electronic cash registers and card-swiping machines, Reuters reported. The bureau has discovered about 20 hacking cases in the past year that involved the same kind of malware used to attack target.

"We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms' actions to mitigate it," the news agency quoted the report as saying.

"The accessibility of the malware on underground forums, the affordability of the software and the huge potential profits to be made from retail POS systems in the United States make this type of financially motivated cyber crime attractive to a wide range of actors."

Reuters added that a spokeswoman for the FBI confirmed that it had issued the report entitled 'Recent Cyber Intrusion Events Directed Toward Retail Firms' on January 17.

Data Breach

Target discovered a major security breach in December 2013. Payment data from about 40 million credit and debit cards were stolen from Christmas shoppers at its stores over 19 days between 27 November and 15 December.

It has since been revealed that a further 70 million customer records with sensitive information such as names, telephone numbers and email addresses were also stolen.

Target has confirmed that cybercriminals used malware installed on Target's point-of-sale (PoS) cash register systems to siphon off the data.

Retailer Neiman Marcus has also disclosed that it suffered a similar cyber attack, but did not reveal the number of customers affected.

Both companies have said the federal authorities are investigating the data breach.

Los-Angeles based cyber intelligence company, IntelCrawler, said earlier that it had identified six additional breaches at other retailers across the US. The firm, however, did not disclose the details of the affected retailers.

The retailers were attacked with an inexpensive "off the shelf" malware known as BlackPOS, according to the company.

"Most of the victims are department stores. More BlackPOS infections, as well as new breaches can appear very soon, retailers and security community should be prepared for them," IntelCrawler CEO Andrew Komarov said.