Module_3

.docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

260

Subject

Information Systems

Date

Jan 9, 2024

Type

docx

Pages

4

Uploaded by JudgeWorld11937

Report
The 2013 Target data breach was one of the most high-profile data breaches of the decade, impacting customers across the country. Cybercriminals utilized an email-based phishing scam, tricking an employee from one of Target’s third-party vendors, an HVAC contractor, into providing their credentials (Young, 2021). From there, the stolen credentials were used to infiltrate Target’s network and install malware on several point-of-sale systems on November 15th. Followed by officially launching the malware and beginning the collection of customer data from Target’s point-of-sale systems on November 27th. Three days later, the malware was detected, and Target HQ was notified (Mukumbi, 2016). It was not until being notified by the U.S. Department of Justice about the malware on December 12, that Target began to investigate the incident. It was December 19, 2013, when Target released an official statement on the matter (Rockefeller, 2014). The breach led to several point-of-sale systems being compromised by malware, giving cybercriminals access to millions of customer’s personal and financial data (Young, 2021). It is not known who was directly responsible for the attack, however, the malware, named “BlackPOS”, was coded and developed by two Russians, ages 17 and 23 at the time, to sell the program to be used for security testing (Kumar, 2014). It is believed they had the help of another anonymous programmer they met online, who used the exploit for malicious purposes. The malware, or portions of it was later found to have been involved in other attacks too (Kumar, 2014). Target faced many consequences in the aftermath of the breach, including recovery expenses, hundreds of lawsuits, decreased customer confidence, lost profits, and widespread criticism related to the company’s delayed initial response (Steinberg, 2021).
The ethical issues of the case include the failure of Target to protect its customers’ data, the lack of transparency in Target’s initial response to the breach, and the potential violation of customers’ privacy rights (Young, 2021). The key members involved in the case include Target’s corporate leadership, the management team, the cybersecurity team, and the customers whose data was compromised. Accountability of effective risk management, slow crisis response, and reputational damage suffered rippled to the very top of Target leadership as well as the entire retail industry (Steinberg, 2021). The significance of the case lies in the fact that it highlights the importance of cybersecurity and the need for organizations to take proactive measures to protect their customers’ data. One ethical framework that can be used to analyze this case is the utilitarian framework. The utilitarian framework focuses on maximizing the overall happiness or well-being of society and focused on the impact of decisions. The principles from this framework that apply to the case include the need to protect customers’ privacy rights, the importance of transparency in communication, and the need to take proactive measures to prevent data breaches (SNHU, n.d.). The utilitarianism framework can be used to examine the ethical issues of the case by evaluating the impact of Target’s actions on its customers and society, assisting in identifying the ethical implications of the case. For example, Target’s failure to protect its customers’ data resulted in a breach of their privacy rights and caused widespread financial and emotional harm. The breach led to several point-of-sale systems being compromised by malware, giving cybercriminals access to millions of customer’s personal and financial data. This caused a great loss of trust in Target and a decrease in customer confidence.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help