Target's monitoring software, FireEye, generated security alerts about an ongoing breach affecting 70 million customers, but staff failed to act on these alerts due to information overload and alert fatigue from excessive false positives.
In 2013, Target experienced a major data breach in which thieves stole credit card data from 40 million customers and private data from 70 million customers by accessing point-of-sale (POS) systems. During the attack, Target's monitoring software, FireEye, detected the malicious activity and generated alerts that were sent to staff in Bangalore, India, who then notified Target staff in Minneapolis. However, no action was taken because these legitimate alerts were mixed in with many other likely false alerts, creating information overload for analysts. The report indicates that some of Target's network infiltration alerting systems were turned off to reduce false positives, which contributed to the missed detection. Target only discovered the breach when contacted by the Department of Justice. The incident exemplifies the broader industry problem of alert fatigue, in which security teams receive thousands of alerts daily, most of them false positives, so that legitimate threats are overlooked.
Domain classification, causal taxonomy, severity scores, and national security assessments were LLM-classified and may contain errors.
AI systems that fail to perform reliably or effectively under varying conditions, exposing them to errors and failures that can have significant consequences, especially in critical applications or areas that require moral reasoning.
AI system: Due to a decision or action made by an AI system
Unintentional: Due to an unexpected outcome from pursuing a goal
Post-deployment: Occurring after the AI model has been trained and deployed