Feb. 10, 2014: Target Credit Card Info Stolen Using HVACR Contractor’s Network Access

Fazio Mechanical Services Identified; Contractor Issues Statement

According to Brian Krebs, a blogger on security issues, the hackers that broke into Target’s computer network and stole millions of credit and debit card numbers gained access through the network credentials of an HVACR contractor.

Krebs reported that sources involved in the investigation identified Fazio Mechanical Services, a provider of HVAC and refrigeration services located in Sharpsburg, Pa., as the firm whose credentials were stolen in order to gain access to Target’s customer data.

As to why Fazio Mechanical Services had network access, one cybersecurity expert speculated to Krebs that it is common for large retailers to have a vendor that “monitors energy consumption and temperatures” in order to reduce costs.

However, Ross E. Fazio, president and owner of Fazio Mechanical Services, released a statement on the Target data breach, saying:

“Fazio Mechanical Services Inc. places paramount importance on assuring the security of confidential customer data and information. While we cannot comment on the ongoing federal investigation into the technical causes of the breach, we want to clarify important facts relating to this matter:

• Fazio Mechanical does not perform remote monitoring or control of heating, cooling, or refrigeration systems for Target.

• Our data connection with Target was exclusively for electronic billing, contract submission, and project management, and Target is the only customer for whom we manage these processes on a remote basis. No other customers have been affected by the breach.

• Our IT system and security measures are in full compliance with industry practices.

• Fazio Mechanical is not the subject of the federal investigation.

“Like Target, we are a victim of a sophisticated cyber attack operation. We are fully cooperating with the Secret Service and Target to identify the possible cause of the breach and to help create proactive remedies to enhance the security of client/vendor connections to make them less vulnerable to future breaches.”

Publication date: 2/10/2014

Want more HVAC industry news and information? Join The NEWS on Facebook, Twitter, and LinkedIn today!

You must login or register in order to post a comment.

On Demand Don’t miss your chance to learn from industry thought leaders and gain valuable insight on how the A2L transition will affect your HVAC business!

In this webinar, we will discuss what sales really is (and what it isn’t), where financing fits into that conversation, and how to use a mix of techniques to tackle in-home selling — regardless of your job title.

Feb. 10, 2014: Target Credit Card Info Stolen Using HVACR Contractor’s Network Access

Fazio Mechanical Services Identified; Contractor Issues Statement

Sign Up. Stay Informed.

The #1 trusted source for the HVACR industry since 1926

Feb. 10, 2014: Target Credit Card Info Stolen Using HVACR Contractor’s Network Access

Fazio Mechanical Services Identified; Contractor Issues Statement

Share This Story

Report Abusive Comment

Sign Up. Stay Informed.

The #1 trusted source for the HVACR industry since 1926