Target’s newest security problem: Pranksters taking over PA to blast X-rated audio

Back in September, Brian Krebs reported on a confidential Verizon security assessment of Target’s network done shortly after the company was breached in 2013; Verizon consultants found Target was using weak or default passwords, had failed to deploy critical security patches, was running outdated services, and showed signs of other basic security problems. Target is having trouble again, but this time it’s with pranksters “exploiting holes” in Target’s PA system. It could have been done as an early Halloween prank, except this wasn’t the first time X-rated audio has blasted from a Target store’s PA system.

Last Thursday, Gina Young was in Target with her three-year-old twin boys and recorded the explicit audio that played for about 15 minutes. She posted the video on Facebook. “Porn blasting over the intercom throughout the store,” she wrote. “People offered to help me cover my [twins’] ears. Others threw [their] stuff down and walked out. Employees were running around everywhere. Picking and hanging up phones, which worked…for about two minutes before it started up again.”

Some Target shoppers laughed, some were disgusted, and some started “yelling and screaming at store employees.” Young wasn’t the only one who thought no one would believe it was happening and documented the incident by taking a video.

A guy also whipped out his phone to record the “sexually explicit moans and groans” and the profanity playing over the PA. Chris Minor told KPIX5, “I thought it may have been Halloween related, maybe an employee playing games, but this was rated-X material, which made me feel very uncomfortable. I was taken aback, very frustrated, and appalled, and angered by what I heard.”

SFGate reported the store had no sooner made an announcement apologizing for the incident before the X-rated recording began playing again.

Back in July, a similar porn broadcast over the PA system resulted in the evacuation of the Target store in San Luis Obispo, California; the evacuation was temporary while staffers “figured out how to turn it off.” But that also wasn’t an isolated incident, as KTVU reported there have been at least four times when X-rated audio blasted over PA systems in different California Target stores. They occurred in April, July, September and now in October.

The BBC’s Dave Lee obtained an email sent to Target store managers that explained how the prank works; he omitted one part so it wouldn’t spur a rash of porn audio PA take-over pranks:

Non-Target team members are attempting to access the intercom system by calling stores and requesting to be connected to line [xxxx].

If connected, callers have control of the intercom until they hang up.

We are actively working to limit intercom access to the Guest Services phone only. In the meantime, inform all operators to not connect any calls to line [xxxx].

Although a Target spokeswoman declined to say if the email was real, she said, “We are actively reviewing the situation with the team to better understand what happened and are taking steps to help ensure this doesn’t happen again. Because this is an active investigation, I’m unable to share additional details, but we want our guests to know that we take this very seriously.”