that Neiman Marcus has confirmed its database of customer information was hacked over the holidays. The breach was first reported
The breach at Neiman Marcus sounds similar to what happened at Target. Online customers do not appear to have been affected. The scope of the breach is unknown and the number of credit and debit cards impacted has not yet been revealed.
Neiman Marcus issued the following statement:
Neiman Marcus was informed by our credit card processor in mid-December of potentially unauthorized payment card activity that occurred following customer purchases at our Neiman Marcus Group stores.
We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading investigations, intelligence and risk management firm, and a leading forensics firm to investigate the situation. On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers' cards were possibly compromised as a result. We have begun to contain the intrusion and have taken significant steps to further enhance information security.
The security of our customers' information is always a priority and we sincerely regret any inconvenience. We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after making a purchase at our store."
Krebs on Security notes
that the time frame of the Neiman Marcus and Target breaches are similar, but a connection between the two has not been made at this time. Target recently expanded
the scope of its breach and announced that 110 Million Americans' personal information was obtained in the massive data hack.