Breaking News Bar
updated: 2/8/2014 10:01 AM

Pennsylvania vendor may have been gateway to Target data

hello
Success - Article sent! close
  • A sign for Fazio Mechanical Services Inc. at their location in Sharpsburg, Pa.

      A sign for Fazio Mechanical Services Inc. at their location in Sharpsburg, Pa.
    Associated Press

 
Associated Press

NEW YORK -- The hackers who stole millions of debit and credit card numbers from Target's computer systems may have gained access by first infiltrating the network of a western Pennsylvania heating and refrigeration contractor.

Fazio Mechanical Services Inc., of Sharpsburg, Pa., issued the statement late Thursday saying it was the victim of a "sophisticated cyberattack operation." The statement came days after Internet security bloggers identified it as the third-party vendor through which hackers accessed Target's computer systems.

Order Reprint Print Article
 
Interested in reusing this article?
Custom reprints are a powerful and strategic way to share your article with customers, employees and prospects.
The YGS Group provides digital and printed reprint services for Daily Herald. Complete the form to the right and a reprint consultant will contact you to discuss how you can reuse this article.
Need more information about reprints? Visit our Reprints Section for more details.

Contact information ( * required )

Success - request sent close

Target has said it believes hackers initially gained access to its vast computer network through one of its vendors. Once inside, the hackers moved through the retailer's network and eventually installed malicious software into the company's point-of-sale system.

The series of hacks, experts believe, gave thieves access about 40 million debit and credit card numbers and the personal information, including names, email addresses, phone numbers and home addresses of as many as 70 million customers. Target has said the data was pilfered during the busy holiday shopping season.

The new details about Target's breach illustrate just how vulnerable large corporations have become as they expand and connect computer networks to offer greater convenience and increase productivity.

U.S. Secret Service spokesman Brian Leary confirmed that Fazio Mechanical Services is being investigated, but wouldn't provide details.

Molly Snyder, spokeswoman for Minneapolis-based Target, declined comment citing the ongoing investigation.

Federal prosecutors in Pittsburgh referred calls to their counterparts in Minnesota, where Assistant U.S. Attorney Steve Schleicher, acting criminal division chief, declined comment on the Fazio link, in particular, and the overall investigation.

"Like Target, we are a victim of a sophisticated cyberattack operation," Ross Fazio, the company's president and owner, said in a statement. Fazio's company is cooperating with the Secret Service and Target to identify the possible cause of the breach, he said.

Fazio Mechanical Services also denied reports on blogs and other outlets that said the company remotely monitored heating, cooling and refrigeration for Target, which has about 1,800 stores nationwide.

Fazio said in the statement that his company has an electronic connection with Target, which it uses to submit bills and contract proposals.

In the weeks since Target disclosed the breach, banks, credit unions and other card issuers have cancelled and reissued cards, closed transactions or accounts, and refunded credit card holders for transactions made with the stolen data.

Target has said its customers won't be responsible for any losses.

Share this page
Comments ()
Guidelines: Keep it civil and on topic; no profanity, vulgarity, slurs or personal attacks. People who harass others or joke about tragedies will be blocked. If a comment violates these standards or our terms of service, click the X in the upper right corner of the comment box. To find our more, read our FAQ.
    help here