28 July 2016
Find out more

Neiman Marcus says 1.1 million cards compromised; Michaels Stores latest to report breach

27 January 2014  |  5209 views  |  0 Credit card

Luxury retailer Neiman Marcus says that up to 1.1 million customer payment cards were compromised in the recent data breach that hit its instore POS terminals over a four-month period from July to October 2013.

In a letter to customers posted on the Neiman Marcus Website, CEO Karen Katz confirms that malware installed on its systems actively attempted to collect or "scrape" payment card data from July 16, 2013 to October 30, 2013.

She says that card schemes Visa, MasterCard and Discover have notified the retailer that approximately 2,400 unique customer payment cards used at Neiman Marcus and Last Call stores were subsequently used fraudulently.

The scope of the attack is far more limited than a similar breach at Target, which afflicted more than 100 million customers. While no direct connection between the incidents has been established, the similarities are striking, with malicious malware identified as the culprit.

The Target data breach was allegedly carried out using off-the-shelf malware authored by a 17-year old Russian

Last week, Texas police arrested two Mexican citizens accused of using card data stolen in the Target data breach to buy tens of thousands of dollars' worth of goods.

Since then, speciality arts and craft retailer Michaels Stores has also come forward to report fraudulent activity on cards used at its outlets. The company says it is working closely with federal law enforcement and is conducting an investigation with the help of third-party data security experts to establish the facts.

"We are concerned there may have been a data security attack on Michaels that may have affected our customers' payment card information and we are taking aggressive action to determine the nature and scope of the issue," says Chuck Rubin, CEO. "While we have not confirmed a compromise to our systems, we believe it is in the best interest of our customers to alert them to this potential issue so they can take steps to protect themselves, for example, by reviewing their payment card account statements for unauthorised charges."
KeywordsEFTPOS

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Texas police make Target data breach-related arrests

Texas police make Target data breach-related arrests

21 January 2014  |  3503 views  |  0 comments | 1 linkedin
Russian teen accused of writing Target malware

Russian teen accused of writing Target malware

20 January 2014  |  5849 views  |  4 comments | 8 tweets | 10 linkedin
Citi replaces all debit cards involved in Target breach

Citi replaces all debit cards involved in Target breach

16 January 2014  |  5717 views  |  0 comments | 7 tweets | 7 linkedin
Target hackers used POS malware to steal card details

Target hackers used POS malware to steal card details

14 January 2014  |  6415 views  |  0 comments | 5 tweets | 5 linkedin
Hackers compromise Neiman Marcus customer card data

Hackers compromise Neiman Marcus customer card data

13 January 2014  |  3897 views  |  0 comments | 6 tweets | 3 linkedin
Target raises numbers hit by data breach from 40 million to 70 million

Target raises numbers hit by data breach from 40 million to 70 million

10 January 2014  |  5395 views  |  1 comments | 11 tweets | 6 linkedin
Target says 40 million cards may have been compromised in data breach

Target says 40 million cards may have been compromised in data breach

19 December 2013  |  9382 views  |  2 comments | 11 tweets | 12 linkedin

Related blogs

Create a blog about this story (membership required)
Visit VocaLink.comFind out moreVisit www.abe-eba.eu

Top topics

Most viewed Most shared
satelliteContactless Bitcoin startup Plutus Tap &am...
9556 views comments | 9 tweets | 4 linkedin
Apps crush internet for UK banking loginsApps crush internet for UK banking logins
8573 views comments | 19 tweets | 25 linkedin
Telefonica Germany launches Fidor-backed mobile banking serviceTelefonica Germany launches Fidor-backed m...
6763 views comments | 16 tweets | 20 linkedin
UK and South Korea build 'fintech bridge'UK and South Korea build 'fintech bridge'
5940 views comments | 13 tweets | 14 linkedin
hands typing furiouslyManaging Big Data After Brexit
5794 views 0 | 5 tweets | 8 linkedin

Featured job


Brussels (Belgium) or Paris (France)

Find your next job