Filename: A1-MAIN-AJCD1220-AJCD Cyan Magenta Yellow

Date/Time created: Dec 19 2013 11:42:09:033PM Black

1A AJCD

Username: SPEEDDRIVER03
1A

Friday, Dec 20, 2013 MAIN

GO GUIDE, D1

Need plans for New Years Eve? Use our guide

FRIDAY, DEC. 20, 2013

SPORTS, C1

Say hello to the new face of Kennesaw State

High: 64, Low: 43 20% chance of rain Saturday: Rain, 71/55 Sunday: Storms, 69/61 Details on the back of Sports

Partly cloudy

Todays bonus: Look back at 2013

Bonus coverage is just one click away. Our Year In Review looks back at local news including coverage of the Andrea Sneiderman trial, the McNair school shooting, the trials of numerous public officials and the Gwinnett reghters held hostage. Remember, youll have access to all of our in-depth news on MyAJC.com plus our premium coverage, special photo galleries and our rich interactive content.

CONSUMER SAFETY

Target breach exposes holes

mation of as many as 40 million shoppers who swiped at the retailers stores, exposed a major vulnerability in the way Americans pay. The credit card system is inherently broken, said Jeremiah Grossman, the chief technology officer of Web-application security firm WhiteHat Security. Its a shared-secret system, in which everyone has the secret every time you swipe your card in the U.S. That secret is the data encoded on the back of magnetic-stripe cards: the name of the cardholder, plus the account number, security code and expiration date, among other vital bits. Banks and other card issuers not individual consumers will absorb whatever direct losses result from the Target security breach. Thats a fundamental part of how plastic works: consumer protections shield individual
Target continued on A12 Also inside Did you shop at Target? Find out how to protect your credit, A12

Ethics agency turns to outsider for assistance

Georgias ethics commission took the unprecedented step Thursday of hiring an outsider to oversee the agency roiled by bitter infighting and an intensifying federal investigation amid claims its too cozy with Gov. Nathan Deal. An exlobbyist and former judge has been selected, B1

Credit, debit systems vulnerability put 40M shoppers data at risk.

By Sean Sposito ssposito@ajc.com

The criminals who cracked Targets defenses, stealing debit and credit card infor-

GEORGIA ECONOMY

CHEATING SCANDAL

The economic impact of new Atlanta Braves stadium includes 9,241 new jobs and $295 million in wages. Revitalize Cobb, in a mailer sent Nov. 22, 2013, B1

NATION & WORLD Theater collapse injures dozens

The ceiling of a London theater partially collapsed Thursday night, showering a packed audience with heaps of plaster, wood and dust. More than 80 people were injured, seven seriously, A3 Robertson, suspended from the series indefinitely after making controversial remarks about gays and blacks, is getting some support from key followers, A2

Long-term joblessness tempers hopeful sign. Among unemployed, nearly half have been searching for 6 months.
By Michael E. Kanell mkanell@ajc.com

States jobless rate drops to 5-year low

First APS principal pleads guilty

Gideons educator convicted of felony; 26 defendants remain.
By Bill Rankin brankin@ajc.com

Duck Dynasty: Phil

NSA: The national debate

over U.S. government surveillance has tilted in favor of those seeking to limit the National Security Agencys expansive spying powers, A6

BUSINESS Impact of Fed taper likely to be slight

The Federal Reserves move Wednesday to slow its stimulus will ripple through the global economy. But exactly how it will affect people and businesses depends on who you are, A15

METRO Emails: Braves move put city on defense

Mayor Kasim Reeds team was not prepared for the Braves announcement they were moving to Cobb County, and frantic messages reveal the fallout, B1 started an investigation into the posting of explicit photos of area high schoolers, B1

Cobb girls: Police have

The Georgia unemployment rate dropped last month to 7.7 percent, its lowest point in five years, as the economy added jobs across a range of sectors and layoffs slowed to pre-recession levels. Unemployment is still historically high and long-term joblessness is still a virtual epidemic, but the lower jobless rate reflects vast improvement from the double-digit unemployment of several years ago. It also fuels hope that hiring will pick up through the new year. This confirms that the economic recovery is in place, said Jeffrey Humphreys, director of the Selig Center for Economic Growth at the University of Georgia. This is very good, solid news. The states economy added 19,500 jobs in November and 91,200 in the past year, according to Mark Butler, state labor commissioner. The growth came in several industries, which indicates a broad job market recovery. The job search is not easy, but more employers are willing to hire, said Steve Hines, a Buckhead-based career counselor and author of Atlanta Jobs. The market has definitely picked up this year, he said. There are just more openings than three or four years ago. Despite that growth, in the 4 years since the recession officially ended, the state has
Jobless continued on A4

Erica Parks, a 35-year-old Army veteran, searches online for job openings at her grandmothers home. Parks has been out of work for two years. JASON GETZ / JGETZ@AJC.COM

Growing jobs in Georgia

In past 12 months, Georgia has gained 91,200 jobs total. Results among various sectors: 27,400: professional and business services 20,500: leisure and hospitality 18,600: education and health services 16,500: transportation and warehousing 13,100: construction
Source: Georgia Department of Labor

During just November, Georgia gained 19,500 jobs. Results among various sectors: 14,700: trade, transportation and warehousing 2,000: government 1,700: nancial services 1,500: construction 1,500: education 1,500: health care 1,000: manufacturing 900: information services

Armys cyberwarriors coming to Georgia base

By Dan Chapman dchapman@ajc.com

The U.S. Army announced Thursday that its cyberwarfare headquarters will move to Fort Gordon with 1,500 jobs half likely to be well-paying civilian techies giving Georgia an economic coup and boosting Augustas already robust information technology industry.

For Augusta, its Christmas, New Years and the Super Bowl all wrapped into one. Augusta political and business officials were over the moon Thursday imagining hundreds of additional military and civilian jobs, a flurry of home and office construction and a cemented reputation on the
Jobs continued on A4

A career educator Thursday became the first principal to plead guilty in the Atlanta Public Schools test-cheating scandal and the first defendant to be convicted of a felony. Armstead Salters, who oversaw C.L. Gideons Elementary School for three decades, admitted he directed his teachers to change wrong answers on standardized tests to right ones. It was an open secret throughout APS that cheating was going on at Gideons for years, Fulton County prosecutor Clint Rucker said during the court hearing. Even so, Gideons received constant praise and accolades from top APS administrators, including former Superintendent Beverly Hall, who also is charged in the case, Rucker said. Shortly after Salters entered his plea, the third former teacher from Humphries Elementary School also pleaded guilty. Eight APS defendants now stand convicted. The 26 who remain are scheduled to go to trial next spring unless more enter pleas before then. Salters, 74, began his teaching career in 1966 as a high school science teacher. In 1981, he was promoted to be Gideons principal, a position he held until 2010. The pressure to meet testAPS pleas continued on A12

Follow the case progress of each educator named in the APS indictment.

Get this great deal at www.Kudzu.com/deals: Only $37 for organic deep steam carpet cleaning includes 2 rooms! Classieds E1 Comics D14 Dear Abby D4 Editorial A18 Obituaries B7 Puzzles D13 Television D3 The Vent B2

ETHICS WATCH

Verdict lets Balfour get back to Ga. Senate

Legislator acquitted of filing false claims; case bogged by minutiae.
By Kristina Torres ktorres@ajc.com Read what the AJCs Kyle Wingeld has to say about the possible political ramications after the Balfour acquittal.

2013 AJC, VOL. 65, NO. 354

PRINTED WITH SOY INK ON RECYCLED PAPER

The states case was meant to be a slam dunk: Georgia Sen. Don Balfour, one of the states top political leaders, had already confessed to filing dozens of error-filled expense
1A AJCD

reports. Now Georgia Attorney General Sam Olens is left explaining why he backed such a clunker. A jury took less than three hours to find Balfour not guilty Thursday on all counts

that he tried to steal money from the state, turning one of the states highest-profile criminal prosecutions into a mess of finger-pointing and sour grapes. Olens never set foot in the courtroom during the threeday trial, but insisted after the verdict Balfours expense requests were too numerous and systematic to be simply isolated mistakes, he said in a statement issued by a spokeswoman. If those requests had

been submitted by an unelected state employee, they would have been prosecuted, and a state senator should not be held to a lower standard. Defense attorney William Hill Jr. claimed the state spent $1.5 million on the year-and-ahalf investigation, basing his
Balfour continued on A4 Also inside Ethics agency hires outsider to oversee troubled commission, B1

AJCD

Cyan Magenta Yellow Black

Killed
File name: A1-MAIN-AJCD1220-AJCD

Date/Time created: Dec 19 2013 11:42:09:036PM

Username: SPEEDDRIVER03

Filename: A12-MAIN-AJCD1220-AJCD
Cyan Magenta Yellow

Date/Time created: Dec 19 2013 11:12:16:786PM

AJCD

Username: SPEEDDRIVER13
12A

Black 12A

Friday, Dec 20, 2013 MAIN

A12

CREDIBLE. COMPELLING. COMPLETE.

THE ATLANTA JOURNAL-CONSTITUTION

FRIDAY, DEC. 20, 2013

FROM PAGE ONE

Answers about the Target data breach

By Bree Fowler Associated Press Armstead Salters (left), ex-principal of C.L. Gideons Elementary, became the rst defendant in the case to plead guilty to a felony charge. PHOTOS BY HYOSUB SHIN / HSHIN@AJC.COM

APS pleas
continued from A1

ing targets was excessive and extreme, Salters said in a letter of apology, a condition placed on him by prosecutors as part of his plea. It was unrelenting and created a toxic culture throughout APS where all that mattered was test scores, even if ill-gotten, Salters plea agreement said. I placed the concern of the school administration for test results and test scores above the interests of the children, he said. Salters disclosed to prosecutors how he coordinated test cheating and explained why he did it. Gideons, located in southwest Atlanta, had a challenging, transient student population after nearby housing projects closed in the early 2000s. Its students performed slightly below average in reading, language arts and math. Salters plea agreement said he knew that Hall, after becoming superintendent, began firing teachers whose schools did not meet desired results. The superintendent publicly boasted about this fact on many occasions, only increasing the pressure to make sure his school did well, the plea agreement said.

With less than a week until Christmas, a reallife Grinch has stolen the credit and debit card information of about 40 million Target shoppers. Target says anyone who made purchases by swiping cards at terminals in its U.S. stores between Nov. 27 and Dec. 15 may have had their accounts exposed. Here are some answers to the most common questions about the theft:

Commission. You can get more information about identity theft on the FTCs website at www.consumer.gov/ idtheft, or by calling the FTC, at (877) IDTHEFT (438-4338). occur? A: Target isnt saying how it happened. Industry experts note that companies such as Target spend millions of dollars each year on credit card security, making a theft of this magnitude particularly alarming. Experts disagree about how the breach might have happened. Avivah Litan, a security analyst with Gartner Research, says given all the security, she believes the breach may have been an inside job. But thefts of this size are too big to be the work of company employees, says Ken Stasiak, founder

Q: How did the breach

and CEO of Secure State, a Cleveland-based information security firm that investigates data breaches like this one. Stasiak said that such breaches are generally perpetrated by organized crime or an overseas, state-sponsored hacker group.

Q: I shopped at Target

Wendy Ahmed, a former teacher at Humphries Elementary, walks to the podium to read her apology letter during a plea hearing in the APS criminal case Thursday.

during that time. What should I do? A: Check your credit card statements carefully. If you see suspicious charges, report the activity to your credit card companies and call Target at 866-852-8680. You can report cases of identity theft to law enforcement or the Federal Trade

Q: Who pays if there are fraudulent charges on my account? A: The good news is in most cases consumers arent on the hook for fraudulent charges. Credit card companies are often able to flag the charges before they go through and shut down your card. If that doesnt happen, the card issuer will generally strip charges you claim are fraudulent off your card immediately. And since the fraud has been tied to Target, itll be the retailer that ultimately compensates the banks and credit card companies.

Test tampering began occurring at Gideons as early as 2005 and continued until 2009, Salters told prosecutors. This was possible because the schools testing coordinator, Sheridan Rogers, another defendant in the case, gave teachers access to their students tests so they could correct wrong answers, Salters said. The former principal said he told teachers to go see Rogers and admitted that he told Rogers, Let them have the tests. Salters agreed to cooperate with prosecutors and is expected to testify against Rogers at the upcoming trial. Salters pleaded guilty to a single felony count of

making false statements and writings. This was because he signed and then submitted the 2009 Criterion-Referenced Competency Tests taken by his students and gave assurances there had been no ethical breaches in the testing procedure. Salters was sentenced to two years on probation and ordered to complete 1,000 hours of community service. He also agreed to return $2,000 in bonuses he received. Wendy Ahmed, a former Humphries Elementary teacher, followed Salters to the courtroom podium. She admitted to telling her students the correct answers while they took the 2009 CRCT. Ahmed pleaded guilty to a misdemeanor count of obstruction. She was sentenced to a year on probation and ordered to perform 250 hours of community service and return $500 in bonus money. Standing before Superior Court Judge Jerry Baxter, Ahmed said she could not find the words to express her shame. I made poor decisions that did more harm than good to my students, Ahmed said, her voice trembling. I took so much pride in teaching the children of Atlanta, yet I allowed the fear of administrators to alter my beliefs and values. Baxter has ordered lawyers representing the remaining APS defendants to appear before him today to see whether they have checked in with prosecutors to determine what deals are being offered. Gerald Griggs, an attorney who represents former Dobbs Elementary teacher Angela Williamson, said his client will fight the charges at trial. Its a sad day in Atlanta to hear the punishments that are being handed out now to individuals who accepted responsibility for a systemic issue, said Griggs, who observed Thursdays pleas. The one constant is the pressure all these teachers faced. Once the trial is underway, we will truly know the scope of that pressure.

Target
continued from A1

cardholders from liability. But theres still the hassle of watching for bogus charges or requesting a new card and updating any automatic payments associated with the old one. For card issuers, data thefts on the scale of the Target breach, which occurred between Nov. 27 and the middle of this month, represent a major headache and possibly substantial expenses. To combat would-be thieves, payment networks, banks and retailers are already shifting to new technologies, but the transition will take years. Target admitted Thursday that hackers had infiltrated the payment system used in all its brickand-mortar stores. The admission came a day after digital security reporter Brian Krebs broke the story. The nationwide retailer stressed that its estimate of the number of people affected, 40 million, is just an approximation. Many of those shoppers will probably never experience any fraud on their accounts. For now, exactly how this particular breach happened is unclear. Target had little to say on that subject. Clearly this was a sophisticated crime, said Target spokeswoman Molly Snyder, in an email. However, it is an active and ongoing investigation so I cannot comment further. Still, experts are fairly sure how these schemes take shape. Hackers do business on forums in the deep recesses of the Internet. These meeting places act as eBays for criminal activity. There, malicious actors buy and sell stolen information. After that crooks can work with separate groups that replicate the stolen card information and place lifted data onto pieces of plastic. Eventually, mules on the street get hold of the finished

product and spend the cash. Criminals can also buy goods online. Sometimes criminals bolster the price of their wares by validating that the card is still active a telltale sign that your account has been compromised. They do that by initiating a micro-charge of two dollars or less, something that youre not going to call your issuer about, said Yaron Samid, chief executive of start-up BillGuard, which monitors its users card accounts for fraud. That means cardholders should be vigilant for months, he said, or at least change their PIN codes if they think theyve been affected. Criminals, he explained, can hold on to cardholder data for a long time before selling it on the black market. And even more time may elapse before the transactions that bilk cardholders at the ATM or the virtual or physical point of sale. This all puts the affected banks, payment networks (Amex, Visa, MasterCard and Discover) and merchants in a tight spot. Banks have to make a decision on whether or not to either issue their customers new cards or just put tighter fraud controls on the accounts of customers who might have been impacted. When such incidents occur, Visa works with the breached entity to provide card issuers with the compromised accounts so they can take steps to protect consumers through fraud monitoring and, if needed, reissuing cards, a spokeswoman emailed. Because of advanced fraudmonitoring capabilities, the incidence of fraud involving compromised accounts is actually rare, and Visa fraud rates remain near historic lows. Bank of America and Wells Fargo provided similar statements, emphasizing that customers will not lose money if their cards are used for bogus charges. As they scramble to deal with the Target

breach, financial services companies are already looking to shift the system. The most prominent way theyre doing this is with the chip card standard thats being used by issuers of cards in just about every country in the world outside the U.S. Those cards known as Europay, MasterCard and Visa, or EMV are armed with encrypted chips. EMV technology, experts explain, is just more secure than the magnetic stripes used on American cards. This case exposes the reality that payment networks are only as strong as their weakest link, said Wedbush senior analyst Gil B. Luria. The bad guys find that weakest link and exploit it, and then generate very substantial gains. Visa and MasterCard have said that all merchants except gasoline retailers that dont have the equipment to accept EMV cards by October 2015 will be liable for any fraudulent transactions made on their terminals, Luria said. Its a matter of trying to squeeze fraud out of the system, said Randy Vanderhoof, the director of the EMV Migration Forum, a nonprofit with more than 150 participating organizations. But EMV only protects against fraud at brick-andmortar retailers, not online. In cyberspace, the payment networks are focusing on other methods to cut fraud. Until EMV takes hold, or something more resilient takes the place of the current payment system, consumers will just have to live with the headaches caused by breaches. Its ultimately not the consumers who face the liability here, thats the one beautiful thing about the credit card system, said Robert E. Lee, a security business partner at Intuit. If my card is stolen and used like this, Im not out of pocket. There are all these consumer protections in place, even though the entire system is stupid.

Cyan Magenta Yellow Black

12A

AJCD

File name: A12-MAIN-AJCD1220-AJCD

Date/Time created: Dec 19 2013 11:12:16:790PM

Username: