Victims of the Target hack were hit as they slid their payment cards through point-of-sale terminals, says the company's CEO: That's where hackers placed their malware, Gregg Steinhafel tells CNBC. On Sunday, Dec. 15, the company recognized "we had an issue," and "by six o'clock at night, our environment was safe and secure. We eliminated the malware in the access point." Steinhafel explained why it still took a few days to alert customers, CNET reports: "Day two was really about initiating the investigation work and the forensic work," while "day three was about preparation" of stores and call centers.
After Neiman Marcus revealed that it, too, was hit with a data breach, Reuters reports that three other top US retailers were also victimized, though on a smaller scale. Insiders say the people behind the scam may have been the same ones who hit Target. Details remain hazy, but Reuters' sources say the other retailers had mall outlets. Earlier attacks may have worked as trials ahead of the Target hack, notes a security expert. One technique hackers may have used is called RAM scraping, during which hackers collect encrypted data when it's in plain-text form in a computer's memory. (More Target stories.)