Fri January 10, 2014
Neiman Marcus Says Hackers Stole Credit Card Data
Upscale retailer Neiman Marcus isn't yet saying how many customers might be at risk, but it is confirming that a breach of credit card data took place. The company says it learned of "potentially unauthorized payment card activity" before Christmas. The company says it is working with federal investigators, and a forensics team is trying to determine the size of the breach.
The digital security expert Brian Krebs wrote about the stolen credit card data today:
"Earlier this week, I began hearing from sources in the financial industry about an increasing number of fraudulent credit and debit card charges that were being traced to cards that had been very recently used at brick-and-mortar stores run by the Dallas, Texas based high-end retail chain."
Krebs also says that a Neiman Marcus representative says there's no sign that the hack is related to the attack on Target, which said today that information about up to 70 million people may have been stolen.
Here's a statement Neiman Marcus spokesperson Ginger Reeder sent to NPR's Sonari Glinton:
"Neiman Marcus was informed by our credit card processor in mid-December of potentially unauthorized payment card activity that occurred following customer purchases at our Neiman Marcus Group stores.
"We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading investigations, intelligence and risk management firm, and a leading forensics firm to investigate the situation. On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers' cards were possibly compromised as a result. We have begun to contain the intrusion and have taken significant steps to further enhance information security.
"The security of our customers' information is always a priority and we sincerely regret any inconvenience. We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after making a purchase at our store."