945-autopsy-data-breach-target-case
centre-de-cas_hec.png

Autopsy of a Data Breach: The Target Case

8,00 $50,00 $

CASE STUDY. This case revisits the events in late 2013 that gave rise to what was at the time the largest breach of confidential data in history. Indeed, on December 19, 2013, Target announced that its computer network had been infiltrated by cybercriminals who stole 40 million debit and credit card numbers as well as the personal information of some 70 million additional customers.

Pour acheter une licence « Licence par enseignement », vous devez vous enregistrer et être approuvé par notre administration.

Produit

Abstract

This case revisits the events in late 2013 that gave rise to what was at the time the largest breach of confidential data in history. Indeed, on December 19, 2013, Target announced that its computer network had been infiltrated by cybercriminals who stole 40 million debit and credit card numbers as well as the personal information of some 70 million additional customers. The case presents the cybercriminals’ activities leading up to the breach, details of the commission of the theft, the measures that Target had put in place to deter such attacks, its ill-fated response during the attack and, finally, the impact of the breach on Target as well as on the retail industry as a whole. This case is also available in French here.

Teaching objectives

The case allows students to:

  1. familiarize themselves with the basic vocabulary related to information security;
  2. understand how threats can materialize, resulting in a major data breach (approaches and actors);
  3. identify the vulnerabilities of a business (by analyzing and understanding the different sources of risk);
  4. become aware of the fact that humans continue to be the weak link in the chain of information security;
  5. understand the principal control measures a business can deploy to protect itself;
  6. identify and understand the specific issues raised by information security, notably in a digital business environment.

Main themes covered

  • Information security
  • credit cards
  • controls
  • vulnerability of an organization

Concepts and theories related to the case

Risk management: risk sources and controls in an IT environment

Additional information

Teaching notes are available for professors. Contact HEC Montreal Case Centre.

Information complémentaire

Année

2016

Annexe

non

Éditeur

Centre de Cas HEC Montréal

Format

PDF

Industrie

Cybercrime, Data breach, Electronics payments, Information security, Technology

Institution

HEC Montréal

Langue

Anglais

Licence

Enseignement par professeur, Utilisation personnelle

Nombre de pages

8

Notes pédagogiques

Oui (pour professeurs)

Numéro centre de cas

9 65 2016 001T

Parution

Revue Internationale de Cas en Gestion (RICG)

Taille

160 ko

Avis

Il n’y pas encore d’avis.

Soyez le premier à laisser votre avis sur “Autopsy of a Data Breach: The Target Case”