Neiman Marcus has become the second major retailer hit with a credit card breach over the holiday season. The upscale clothing store confirmed that thieves stole some of its customers' payment card information and made unauthorized charges, although it did not say how many records were potentially compromised.
The Dallas-based retailer said it began investigating reports of fraudulent activity on credit cards belonging to customers who had shopped in its stores in mid-December when it discovered that its systems had been intruded. A third-party forensics firm confirmed the cyber-security intrusion on January 1, the company said. Neiman Marcus is working with the Secret Service, as is customary in these attacks.
"We have begun to contain the intrusion and have taken significant steps to further enhance information security," the company said, adding it was notifying customers whose cards were used fraudulently after making a Neiman Marcus purchase.
The retailer has declined to comment if the breach was related to the Target (NYSE: TGT) cyber attack, although Robert Siciliano, a security expert with McAfee, told USA Today that it's likely the two thefts were committed by the same organized group.
Little is known about the breach as of now, as Neiman Marcus has remained tight lipped about the scope of the attack. The company also has not disclosed whether data from any of the other retailers it operates — including Bergdorf Goodman, Horchow, Cusp and Last Call — were affected. So far, online Neiman Marcus shoppers do not appear to be affected, only retail shoppers.
For more see:
This Neiman Marcus statement
This USA Today article
Target Data Breach Gets Worse, 110 Million Shoppers At Risk
Target Now Says 70 Million People Affected by Breach
Target Admits Encrypted PIN Data Was Stolen In Data Breach
Report: Target Shoppers Spent 20 Minutes on Hold in Breach Aftermath
Target Suffers Reduced Traffic After Breach, Hit With More Lawsuits