I can see how the POS data could be collected by this malware and sent to some obscure place on Target’s servers for later collection by the bad guys, but how did it get there? I suspicion that someone within Target’s IT department with access may have done this and opened a back door for the bad guys to retrieve the hacked information. It is also possible that someone could do this by hacking into the system from outside, but then why pick Target instead of some more high end stores where customers have more to steal?
That’s hackers’ goal was the data, not to bilk cardholders directly. The way these large scale credit card scams generally work is the hackers steal the information, package it in bundles, and then resell it to criminals on the black market. These criminals then run the false transactions.