Just weeks after Target announced that hackers stole millions of customer credit card numbers in a large-scale security breach, a second retailer acknowledged it has also been hacked.
Neiman Marcus admitted to security journalist Brian Krebs that it is indeed investigating a hacker break-in after Krebs heard rumblings in the financial community about a growing number of fraudulent credit claims being traced back to the upscale retailer. Neiman Marcus did not disclose what information or how many customers might be affected, but it’s working with the U.S. Secret Service to investigate.
A massive security breach at Target in late November to early December put what’s now believed to be 70 million credit cards at risk. Worse, the information stolen may have included the names, phone numbers, addresses, and email addresses of customers, though the company originally thought only credit card numbers were swiped.
Some Target customers affected by the breach have reported having trouble using their cards to withdraw money or to make purchases.
It appears the Neiman Marcus breach happened in close time proximity to the one at Target in mid-December, but this is the first we’re hearing about it. Neiman Marcus officials said there’s no evidence the breach has any relation to the Target data heist.
“We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading investigations, intelligence and risk management firm, and a leading forensics firm to investigate the situation,” the company said in a statement. “On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers’ cards were possibly compromised as a result. We have begun to contain the intrusion and have taken significant steps to further enhance information security.”
Customers of the Neiman Marcus website were not affected, company officials said.