Law enforcement authorities are investigating the role of a heating and cooling contractor in the theft of 40 million payment card account numbers for Target shoppers.
A federal source with knowledge of the investigation confirms authorities are trying to determine if hackers gained access to Target's computer systems by stealing log-in and password information from the contractor, Fazio Mechanical Services.
The Pennsylvania company said it cannot comment on the on-going federal investigation into the technical causes of the breach. But the firm said it does not use its data access in connection with Target's heating, cooling and refrigeration systems.
Fazio said its data connection with Target is only for electronic billing, contract submission and project management. The company said Target is the only customer for whom it manages those processes remotely and that no other customers have been affected by the breach.
"Like Target, we are a victim of a sophisticated cyber attack operation," said company president Ross Fazio in a statement. "We are fully cooperating with the Secret Service and Target to identify the possible cause of the breach and to help create proactive initiatives that will further enhance the security of client/vendor connections making them less vulnerable to future breaches."