Sony To Produced Movie On Target Hacking

The security breach that compromised 40 million credit card numbers and data of 70 million Target customers last December could end up a part of a cyber-crime film produced by Sony and based on security researcher Brian Krebs who broke the story. According to The Hollywood Reporter, Sony's purchased the rights to "Reporting From the Web’s Underbelly," a profile on Krebs published last month in The New York Times.

That piece went behind the scenes about Krebs' uncovering of the security breaches against Target, Adobe, and Neiman Marcus. It also detailed peculiar aspects of Krebs' life, like his penchant for keeping a 12-gage shotgun at his side, along with the times people have tried to mail him heroin, or phoned a SWAT team to his house by falsely reporting that he had murdered someone. The Hollywood Reporter adds that Richard Wenk, who penned the upcoming thriller The Equalizer, will do a screenplay based on The Times story, which was written by security reporter Nicole Perlroth.

On December 18, 2013, security expert Brian Krebs broke news that Target was investigating a major data breach "potentially involving millions of customer credit and debit card records." The report quickly spread across news channels. 

On December 19, Target confirmed the incident via a press release, revealing that the hack took place between November 27 and December 15, 2013. Target warned that up to 40 million consumer credit and debit cards may have been compromised. Hackers gained access to customer names, card numbers, expiration dates, and CVV security codes of the cards issued by financial institutions. 

On December 27 Target disclosed that debit card PIN data had also been stolen, albeit in encrypted form, reversing an earlier stance that PIN data was not part of the breach. Target noted that the accessed PIN numbers were encrypted using Triple DES and has stated the PINs remain "safe and secure" due to the encryption. 

On January 10, 2014, Target disclosed that the names, mailing addresses, phone numbers or email addresses of up to 70 million additional people had also been stolen, bringing the possible number of customers affected up to 110 million.

On March 13, 2014, Bloomberg Businessweek published an article asserting that Target's computer security team was notified of the breach via the FireEye security service they employed, had ample time to disrupt the theft of credit cards and other customer data, but did not act to prevent theft from being carried out.