I want a full paraphrase it’s due in 3 hours from now
The problem began when hackers from an unknown location collected information about one of Targets vendor. Fazio Mechanical Services. The information about Fazio was accessible to anyone. When Fazio employee opened the malicious email it enables hackers to steal all of Fazios passwords. As a result for that attack 40 millions of credit cards accounts were stolen and 70 millions of customers information and addresses were stolen also.
Targets system was able to detect the breach because it has an option to delete malware as its detected. But the security team turned that function off without any reason.
Before the attack Target was warned from the security team in India but it ignored the security warnings. I think this ignorance led to the occurrence of that problem easily. When the attack happened Target did not close all its stores but it kept them open to avoid disruption. I think it was better if it closed all stores until the investigation finishes. I addition it did not post the announcement early. It waited one week to release the announcement that was on the corporate website not onTarget.com. I think posting the announcement early and on official website would help to avoid many problems and reduce the amount of losses. For example customers can protect themselves by changing the PIN numbers for their cards. Also when Target posted its announcement it did not include all the information about the attack. For that reason On Jan 10th Target posted the second announcement. it included that in addition to payment card data personal information included name mail and email addresses also had been stolen for 70 million customers.
In conclusion I think each company should do review from time to time to detect the threats and set the plans to encounter them and prioritize the threats according to their riskiness level.