Neiman Marcus: Hack Exposed 1.1M Payment Cards; 2,400 Fraud Cases Tracked

Neiman Marcus: Hack Exposed 1.1M Payment Cards; 2,400 Fraud Cases TrackedNeiman Marcus has released more details about its three-and-a-half-month data breach affecting 1.1 million payment card accounts of customers.
To date, Visa, MasterCard and Discover have notified the retailer that about 2,400 individual customer payment cards used at Neiman Marcus and Last Call stores “were subsequently used fraudulently,” says a statement on the Neiman Marcus website.
The breach at Neiman Marcus is small-scale compared to the massive hack on Target stores during the holiday shopping period that exposed the credit and debit card data — and other personal information — of at least 70 million customers.
Both stores were victims to the same strategic breach that takes advantage of the older magnetic stripe technology on payment cards. In Europe and Canada, payment cards have smart chips installed, making it harder for thieves to snatch data from a computer networks over time, as were the cases in the Target and Neiman Marcus breaches at in-store points of sale.
Here’s how Neiman Marcus explained its theft:
“While the forensic and criminal investigations are ongoing, we know that malicious software (malware) was clandestinely installed on our system. It appears that the malware actively attempted to collect or “scrape” payment card data from July 16, 2013 to October 30, 2013.”
During that period of time, approximately 1,100,000 customer payment cards could have been potentially visible to the malware.
Here’s more from Neiman Marcus:
• Social security numbers and birth dates were not compromised.
• Our Neiman Marcus and Bergdorf Goodman cards have not seen any fraudulent activity.
• Customers that shopped online do not appear to have been impacted.
• PINs were never at risk because we do not use PIN pads in our stores.
Neiman has a Question and Answer section that can be found here.

Leave a Reply

Your email address will not be published. Required fields are marked *