

Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It - hga
http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data#p1

======
hga
tl;dr: Target had recently installed what sounds like it might be an above
average intrusion detection system from FireEye, a Bangalore office was
monitoring it and reported several incidents, one of which sounds like a solid
tell, to the Minneapolis security operations center, where all were ignored.

Unknown: did the system produce a lot of false positives? Was, or could the
Bangalore team be any good at filtering them, if there was such a problem?

A couple of bottom lines: they're going to get figuratively crucified for
this. And maybe we understand just a bit more why they've been so opaque in
reporting on this debacle.

