Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Nieman Marcus Says Hackers Stole Details of 1.1 Million Customer Credit Cards

High-end department store Neiman Marcus said that between July 16 and October 30, 2013, hackers using sneaky point-of-sale malware were able to obtain details of roughly 1,100,000 customer payment cards.

Nieman Marcus Data Breach

High-end department store Neiman Marcus said on Thursday that between July 16 and October 30, 2013, hackers using sneaky point-of-sale malware were able to obtain details of roughly 1,100,000 customer payment cards.

“While the forensic and criminal investigations are ongoing, we know that malicious software (malware) was clandestinely installed on our system,” Karen Katz President and CEO of Neiman Marcus Group, wrote in letter to customers. “It appears that the malware actively attempted to collect or “scrape” payment card data from July 16, 2013 to October 30, 2013. During those months, approximately 1,100,000 customer payment cards could have been potentially visible to the malware.”

So far, Visa, MasterCard and Discover told the retailer that approximately 2,400 unique customer payment cards used at Neiman Marcus and Last Call stores were used fraudulently.

Based on the investigation so far, social security numbers and birth dates were not compromised, the company said.

Neiman Marcus and Bergdorf Goodman cards have not seen any fraudulent activity, the company said, and online customers do not appear to have been affected.

Fortunately, Neiman Marcus does not use PIN pads its retail locations, so PINs are not at risk, unlike the recent data breach at Target.

It is not known if there is any connection between the Target and Neiman Marcus data breaches.

On Jan. 11, Neiman Marcus told SecurityWeek that they were informed by their credit card processor in mid-December of potentially unauthorized payment card activity that occurred following customer purchases at Neiman Marcus Group stores.

Since then, the company has remained silent on the issue.

Advertisement. Scroll to continue reading.

According to Daniel Ingevaldson, CTO at Easy Solutions, some compromised card numbers taken from Neiman Marcus may have hit the cybercrime underground in early January.

“On Jan 4th, we saw a dump of 2 Million cards onto the black market – one of the largest single day drops we’ve seen in a while,” Ingevaldson said after news of the breach was initally disclosed. “While we can’t definitively say what the source of the breach was, the percentage of Extremely High Value cards is significantly higher than we see on average,” he continued. “These are cards like the Amex Centurion card – an invite-only card that comes with a $7500 setup fee, and $2500 annual fee. While it is hard to determine from a single black market, this would indicate these could come from a high end source, such as Neiman Marcus.”

News of the breach was initially reported by cybercrime researcher and blogger Brian Krebs. Krebs said he was informed by sources from the financial industry about fraudulent credit and debit card charges that were traced to cards that had been recently used at bricks-and-mortar Neiman Marcus locations.

The Neiman Marcus Group operates 41 Neiman Marcus branded stores, 2 Bergdorf Goodman stores, and 35 Last Call stores.

On Thursday afternoon, Reuters reported that the FBI has issued a warning to U.S. retailers, saying they should prepare for more cyber attacks after discovering about 20 cases over the past year that involved point of sale malware.

Related Analysis: How Cybercriminals Attacked Target

SecurityWeek’s Cyber Insights 2023 is a series of in-depth feature articles that examine major pain points in cybersecurity risk and remediation. SecurityWeek liaised with more than 300 cybersecurity experts from over 100 different organizations to gain insight into the major security issues of today – and how these issues might evolve. We believe this provides the single most extensive contemporary collection of cybersecurity problems and solutions for now, for 2023, and for the years that follow. (The full index of topics is available here)
Cyber Insights | 2023
Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.