A month after Neiman Marcus revealed a hack of customer credit and debit cards, an investigation has determined the hackers set off about 60,000 alerts in the retailer's security systems during their attack.
The alerts went undetected because the card-skimming software was programmed to delete itself each day from Neiman Marcus' registers and would be constantly reloaded. The thieves had also given the malware a name almost identical to the company's payment software, so that when the endpoint protection logs were reviewed, entries tied to it wouldn't stand out.
"These 60,000 entries, which occurred over a three-and-a-half month period, would have been on average around 1 percent or less of the daily entries on these endpoint protection logs, which have tens of thousands of entries every day," Ginger Reeder, a spokeswoman for Neiman Marcus, told Bloomberg Businessweek.
The malware was active within the Neiman Marcus payment system between July and October 2013. Neiman Marcus has revised downward the number of credit and debit cards exposed during that time from 1.1 million to 350,000, according to a notice posted Friday on its website.
"The number has decreased because the investigation has established that the malware was not operating at all our stores, nor was it operating every day in those affected stores," wrote Neiman Marcus Group President and CEO Karen Katz. The company says that 77 of 85 stores were found to be compromised during the data breach.
Neiman Marcus also revised the number of card details that have been fraudulently used to 9,200, up from 2,400.
Other recent findings from the investigation include the revelation that the hackers who attacked Neiman Marcus are likely not the ones who breached Target (NYSE: TGT), as they wrote specific code to compromise the Neiman Marcus network.
Neiman Marcus confirms credit card data breach
Data hacks: FBI says more breaches in store, Neiman Marcus says 1.1M cards at risk
Target invests $5 million in security education, offers free credit monitoring to customers for one year
Target data breach gets worse, 110 million shoppers at risk
Target now says 70 million people affected by breach