Founded in 1902, the company operates 1,948 stores in the U.S. and reported $109.1 billion in revenue in 2022. A recent data breach, caused by a third-party contractor through a phishing attack, compromised the data of 110 million customers, leading to financial and legal repercussions, prompting enhanced security measures and employee training. The company is focused on improving vendor security, monitoring, and compliance with PCI DSS to reduce payment card fraud.

3. •
•
•
•
•

4. .

5. • Founded in 1902 in Minneapolis
• Operates 1,948 stores across the U.S
• Known for philanthropy
• Brian C. Cornell is the current Chairman
and CEO
• Reported revenue of $109.1 billion in
2022

6. •110 million customers affected
•Breach through 3rd party contractor
•Phishing attack
•Installed malware at company's POS
•Undetected for weeks

7. • Financial Impact
• Data compromised
• Legal consequences
• Reputation Damage

8. • Enhanced security practices
• Employee training & awareness
• Improved vendor security & limited
access
• Enhanced firewall rules and policies
• Improved monitoring

9. • Securing credit card data PCI DSS
(Payment card industry data security standard)
•To reduce payment card fraud.
•Regular audits of CDE (cardholder data
environment)

10. • Prioritize the Switch to EMV
• Consider How Third Parties Fit into Security
• Plan for When a Cyber Attack Gets Through

11. . . .
. .
. .

12. !!