Abstract

This paper investigates and examines the events leading up to the second most devastating data breach in history: the attack on the Target Corporation. It includes a thorough step-by-step analysis of this attack and a comprehensive anatomy of the malware named BlackPOS. Also, this paper provides insight into the legal aspect of cybercrimes, along with a prosecution and sentence example of the well-known TJX case. Furthermore, we point out an urgent need for improving security mechanisms in existing systems of merchants and propose three security guidelines and defenses. Credit card security is discussed at the end of the paper with several best practices given to customers to hide their card information in purchase transactions.