Alex Witt | January 19, 2014
>>> surprising new details in last month's vast security breach at target and neiman marcus stores. new reports that the mastermind came from a teenager in st. petersburg, russia. now the cyber security firm interpol says that at least six other retailers may currently be under attack by hackers. haley has been covering this and joins me now from washington, d.c. a big welcome to you. i'm curious why we haven't heard the names of the other retailers yet. do you know who they are, any idea if they could be as big as target?
>> you know, they haven't released any information on that yet. i think probably they want to be sure that the retailers that are affected are truly being affected by this same malware and they have an interest in making sure they confirm all the details before they release any information.
>> there are reports out there that it has been downloaded some 60 times. so this list of security breaches , do you expect them to keep going?
>> absolutely. you know, i think given how many times he's said to have been able to sell this and sort of -- certainly the value that they get out of an attack like this, i think the list -- we can expect it to keep on growing.
>> how did cyber security firms trace this hacking to a 17-year-old russian national, and what do we know about him?
>> well, we know that he is fairly well-known on sort of the underground marketplaces where this software is bought and sold. and they were able to trace him just by kind of looking at the transaction data , looking at the nature of the software that was used in this attack. kind of looking for signature authorship kind of tells. and so they identified him and sort of his communications and that's how they believe that they have identified him.
>> reports that this hacking went on for months. how did this go undetected for so long at target?
>> you know, i think part of that is just because of the way that this attack was carried out. it targeted the point of sales systems, which is kind of where you go and swipe your card. and it just sat on these networks and pulled information, and i guess they weren't able to find it, to find the malware.
>> what does it say about our security if we've got a 17-year-old in russia that can write code and hack into major retailers during the busiest shopping time in the year? can any system really be hacker-proof?
>> well, in this particular instance, what intercrawler is saying is that the hackers were able to install it by just cracking really simple pass words that people had put in the system. now, target and neiman marcus have both said they don't have any corroboration of that from their internal review, but weak passwords are a problem and it's certainly something we have to look at, the way that security is, all of our personal data being controlled by just a few -- by one word, by one password. whether that's sustainable and something that we can continue doing.
>> sure makes you want to stop and take a look at that. thank you so much, from "the washington post ," appreciate it.