Target hired security experts at Verizon to probe its networks for weaknesses in December 2013. The Verizon assessment, conducted between December 21, 2013 to March 1, 2014, notably found no controls limiting their access to any system, including devices within stores such as point of sale (POS) registers and servers Verizon consultants were able to directly communicate with point-of-sale registers, servers from the core network. Target commissioned the study in anticipation of litigation from banks that might join together to sue the retailer in a bid to recoup the costs of reissuing cards to their customers.”]
Source: https://krebsonsecurity.com/2015/09/inside-target-corp-days-after-2013-breach/