Neiman Marcus have confirmed that they were hacked recently, admitting that cyber thieves were able to steal some of their customers' card information.
Those responsible also managed to make dozens of unauthorized charges over the festive season. Neiman Marcus' admission means that they are the second retailer in under a month to confirm that their security system has fallen victim to a cyber-security attack. Target Corp. confirmed just a few weeks ago that they had been breached.
A spokeswoman for Neiman Marcus Group Ltd., Ginger Reeder, released a statement via email on Saturday which confirmed that the retailer was informed in the middle of December about the various transgressions.
Reeder added that the Dallas based corporation had been told by their credit card processor that there had potentially been a series of unauthorized payment activities, which had occurred after customer purchases had been made at their stores.
A forensics firm then began an investigation into whether or not criminal activity had been conducted. On January 1 they confirmed that the retailer had been victim to the abuse. They also went on to add that some of Neiman Marcus' customers had probably had their credit and debit card information compromised in the incident too.
At the moment, Neiman Marcus, who have over 40 upscale stores in the United States, haven't confirmed how many customers they believe have been affected by the hack. However, they are now working in conjunction with the Secret Service to figure out who has been involved in the disturbance.
Reeder wrote in the email, "We have begun to contain the intrusion and have taken significant steps to further enhance information security."
A security expert has revealed that Neiman Marcus might not yet know how bad the security breach actually was. Robert Siciliano, who works for the computer security software maker McAfee, believes that the same group committed the breaches at Neiman Marcus and Target.
Based on his experience, he also believes that they happened at the same time too. Siciliano noted, "It's a knee-jerk reaction that the security industry has right now."
On December 19, Target announced that between November 27 and December 15 around 40 million credit and debit card accounts were breached.
The second largest U.S. discount store admitted that hackers took personal information, which included names, phone numbers, and email addresses from some customers. Others had their names, credit and debit card numbers, card expiration dates, debit-card PINs and the embedded code on the magnetic strip on the back of cards stolen.