Target's computer security staff advised the retailer to review the security of its payment card system at least two months before hackers stole 40 million credit and debit card numbers from its servers, according to several reports published Friday.
Citing unnamed sources familiar with the matter, The Wall Street Journal and American Banker published stories on their websites that said at least one intelligence analyst at the Minneapolis-based retailer wanted to do a more thorough security review of its payment systems' vulnerability to malware, but the request was brushed off.
The warning came at the time Target was updating those payment terminals, which can open security risks, and as the retailer was preparing for the holiday season. After updating the terminals, analysts would have had less time to find holes in the new system.
A former employee told the Journal that the analyst's concern came after the federal government and private research firms had distributed memos last spring and summer, warning companies about the emergence of new types of malicious computer code targeting payment terminals.