Jose Pagliery, NEW YORK (CNNMoney) — The nation finally got a detailed account of the massive Target hack Tuesday, when the company’s chief financial officer testified before the Senate Judiciary Committee.
Target executive John Mulligan told senators it was the Justice Department that first notified the company of the data breach on Dec. 12. Three days later, Target was able to confirm hackers had slipped malware into their point-of-sale network, affecting all card terminals in U.S. stores.
Mulligan reiterated that hackers made off with two batches of data: Information found on 40 million cards swiped during the holiday shopping season, plus personal data kept by Target on up to 70 million customers.
All this happened despite Target’s firewalls, malware detection software and data-loss prevention tools.
“I want to say how deeply sorry we our for the impact this has had on our guests,” he said, explaining that retailers are facing “increasingly sophisticated threats” that outmatch current protections.
The event has put pressure on Target to accelerate implementation of advanced chip-based credit card technology, a safer method that is already found around the world but has not yet been adopted in the United States by the retail and finance industries. Mulligan said Target will update its system by early next year.
“This attack has only strengthened our resolve. We will learn from this incident,” Mulligan said.