Payment data hacked at US luxury retailer Neiman Marcus

Payment data hacked at US luxury retailer Neiman Marcus

Image of Neiman Marcus shopfront courtesy of Wikimedia CommonsDallas-based retail group Neiman Marcus confirmed on Saturday that its customers may be at risk after hackers breached its servers and accessed the payment information of store visitors.

The luxury merchant said that the security breach occurred in mid-December and that an undisclosed number of payment cards had been compromised.

The news comes not long after we learned that a similar breach at Target, also in mid-December, was far worse than first thought with more than 70,000,000 “guest records” snaffled, as well as 40,000,000 payment card records.

Neiman Marcus spokesperson, Ginger Reeder, said in an email on Saturday that:

Neiman Marcus was informed by our credit card processor in mid-December of potentially unauthorized payment card activity that occurred following customer purchases at our Neiman Marcus Group stores.

We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading investigations, intelligence and risk management firm, and a leading forensics firm to investigate the situation. On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers’ cards were possibly compromised as a result. We have begun to contain the intrusion and have taken significant steps to further enhance information security.

The security of our customers’ information is always a priority and we sincerely regret any inconvenience. We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after making a purchase at our store.

Further details of the attack are few and far between at this point in time so it is hard to tell exactly what type of information has been stolen, or how many customers may potentially be at risk.

According to a report from Reuters Neiman Marcus and Target are not alone in being breached over the Christmas shopping period. While the news agency did not identify any other victims, it did say that at least three other retailers with brick and mortar outlets may have been compromised to a lesser degree.

Cyber criminals are always busy during the holiday season as consumers tend to spend a lot more money online, making it more difficult for credit card companies and retailers alike to spot unusual spending patterns.

The rise in data breaches is a concern that has grabbed the attention of lawmakers. US Congress is moving towards making notifications of data breaches a mandatory requirement.

In a statement on Friday, Democratic Senator Ed Markey said: “When a number equal to nearly one-fourth of America’s population is affected by a data breach, it is a serious concern that must be addressed,” adding that the recent breaches demonstrate a need for clear and strong privacy and security standards across all industries.

Image of Neiman Marcus shopfront courtesy of Wikimedia Commons.