The attack appear to have occurred mid-December, at around the same time as another well-known US chain – Target – also had customer information stolen from it by hackers.
Target recently acknowledged that the number of customers impacted by that attack could have risen to 110 million, a jaw-dropping 70 million more than previously thought.
Neiman Marcus provided a statement to security blogger Brian Krebs, who broke the story of the high-end retailer’s breach:
Neiman Marcus was informed by our credit card processor in mid-December of potentially unauthorized payment card activity that occurred following customer purchases at our Neiman Marcus Group stores.
We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading investigations, intelligence and risk management firm, and a leading forensic firm to investigate the situation. On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers’ cards were possibly compromised as a result.
We have begun to contain the intrusion and have taken significant steps to further enhance information security.
The security of our customers’ information is always a priority and we sincerely regret any inconvenience. We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after making a purchase at our store.
At the moment no figures are available as to just how many Neiman Marcus customers may have had their personal and financial information exposed, but let’s hope it is nothing like as large a number as the 110 million hit in the Target breach.
If you have shopped at Neiman Marcus, or have travelled to the United States recently and may have made a purchase at one of their stores, my advice would be to keep a close eye on your credit card statement for unexpected transactions.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.