Credit card hackers hit US retailer Neiman Marcus

Graham Cluley

Neiman MarcusPosh US department store Neiman Marcus has been hit by hackers who managed to break into its systems and access the credit and debit card information of shoppers.

The attack appear to have occurred mid-December, at around the same time as another well-known US chain – Target – also had customer information stolen from it by hackers.

Target recently acknowledged that the number of customers impacted by that attack could have risen to 110 million, a jaw-dropping 70 million more than previously thought.

Neiman Marcus provided a statement to security blogger Brian Krebs, who broke the story of the high-end retailer’s breach:

Neiman Marcus was informed by our credit card processor in mid-December of potentially unauthorized payment card activity that occurred following customer purchases at our Neiman Marcus Group stores.

We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading investigations, intelligence and risk management firm, and a leading forensic firm to investigate the situation. On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers’ cards were possibly compromised as a result.

We have begun to contain the intrusion and have taken significant steps to further enhance information security.

The security of our customers’ information is always a priority and we sincerely regret any inconvenience. We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after making a purchase at our store.

At the moment no figures are available as to just how many Neiman Marcus customers may have had their personal and financial information exposed, but let’s hope it is nothing like as large a number as the 110 million hit in the Target breach.

If you have shopped at Neiman Marcus, or have travelled to the United States recently and may have made a purchase at one of their stores, my advice would be to keep a close eye on your credit card statement for unexpected transactions.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.
Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES