Retail Hackers Exploited Holes in Network-Management Software

The hackers behind recent attacks on large retailers such as Target and Nieman Marcus got inside those corporate computer systems through the software used to keep tabs on their sprawling networks, according to a Federal Bureau of Investigation bulletin.

The two-page document suggests retailers could have taken steps to block a potent computer virus that allowed hackers to steal payment card information. Some retailers targeted by the hackers have not yet come forward, according to people familiar with the investigation. The document doesn't mention any retailers by name. But it says the hackers exploited holes in "remote management software," which companies use to monitor and manage their networks, during a recent string of payment card hacks. Connecting that software to payment-card readers at checkout counters "may represent a vulnerability" that, along with poor passwords, allows attackers to infiltrate the network, according to the document.