Target (and Lowe's) were hacked for credit cards (but not Walmart) because they did not update POS software to newer OS as recommended by the manufacturer, Microsoft.
So, glad to see Target spends money training employees, for it didn't spend the money for upgrading their POS terminal software (and apparently Walmart has).
Target didn't get hacked for not having updated software. They were hacked because an HVAC contractor was hacked to get the HVAC system credentials and it wasn't properly segregated from the same network as the POS terminals. They even had FireEye installed and detected the exfiltration malware [0], but for some reason ignored the alarms.
I used to work as a consultant to a subsidiary of one of the largest software security firms. The security hole exploited by the hackers was essentially closed by Windows 7 embedded in 2010. Target was running Windows XPe (embedded).
I had read the Bloomberg article when it came out with some interest, because the reason Target was hacked was simply because they did not upgrade the POS OS as recommended and it was for this reason that Target was hacked.
"Both Home Depot and Target Corp. (TGT) -- whose registers were compromised last December -- appear to have fallen victim to a decade-old exploit of Windows XPe.
What's more, these losses -- which may total as many as 100 million customer credit and debit card numbers -- could have likely been prevented by simply paying to upgrade to a more modern Microsoft Corp. (MSFT) operating system, such as Windows 7 for Embedded Systems." [1]
Each version of Windows has security upgrades (sometimes using new features of Intel CPU hardware) that previous versions of Windows don't implement, even with security updates.
Many of these security hacks happen because firms that use computers refuse to pay for proper security software, perform recommended upgrades and to hire very competent people to work with their systems. Of course, the systems can still be hacked, but there are easier systems to exploit and the attacks can be caught earlier and with limited consequences.
So, glad to see Target spends money training employees, for it didn't spend the money for upgrading their POS terminal software (and apparently Walmart has).