22 July 2017
visit www.finastra.com

Neiman Marcus says 1.1 million cards compromised; Michaels Stores latest to report breach

27 January 2014  |  5666 views  |  0 Credit card

Luxury retailer Neiman Marcus says that up to 1.1 million customer payment cards were compromised in the recent data breach that hit its instore POS terminals over a four-month period from July to October 2013.

In a letter to customers posted on the Neiman Marcus Website, CEO Karen Katz confirms that malware installed on its systems actively attempted to collect or "scrape" payment card data from July 16, 2013 to October 30, 2013.

She says that card schemes Visa, MasterCard and Discover have notified the retailer that approximately 2,400 unique customer payment cards used at Neiman Marcus and Last Call stores were subsequently used fraudulently.

The scope of the attack is far more limited than a similar breach at Target, which afflicted more than 100 million customers. While no direct connection between the incidents has been established, the similarities are striking, with malicious malware identified as the culprit.

The Target data breach was allegedly carried out using off-the-shelf malware authored by a 17-year old Russian

Last week, Texas police arrested two Mexican citizens accused of using card data stolen in the Target data breach to buy tens of thousands of dollars' worth of goods.

Since then, speciality arts and craft retailer Michaels Stores has also come forward to report fraudulent activity on cards used at its outlets. The company says it is working closely with federal law enforcement and is conducting an investigation with the help of third-party data security experts to establish the facts.

"We are concerned there may have been a data security attack on Michaels that may have affected our customers' payment card information and we are taking aggressive action to determine the nature and scope of the issue," says Chuck Rubin, CEO. "While we have not confirmed a compromise to our systems, we believe it is in the best interest of our customers to alert them to this potential issue so they can take steps to protect themselves, for example, by reviewing their payment card account statements for unauthorised charges."
KeywordsEFTPOS

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Texas police make Target data breach-related arrests

Texas police make Target data breach-related arrests

21 January 2014  |  3867 views  |  0 comments | 1 linkedin
Russian teen accused of writing Target malware

Russian teen accused of writing Target malware

20 January 2014  |  6252 views  |  4 comments | 8 tweets | 10 linkedin
Citi replaces all debit cards involved in Target breach

Citi replaces all debit cards involved in Target breach

16 January 2014  |  6129 views  |  0 comments | 7 tweets | 7 linkedin
Target hackers used POS malware to steal card details

Target hackers used POS malware to steal card details

14 January 2014  |  7322 views  |  0 comments | 5 tweets | 5 linkedin
Hackers compromise Neiman Marcus customer card data

Hackers compromise Neiman Marcus customer card data

13 January 2014  |  4594 views  |  0 comments | 6 tweets | 3 linkedin
Target raises numbers hit by data breach from 40 million to 70 million

Target raises numbers hit by data breach from 40 million to 70 million

10 January 2014  |  5819 views  |  1 comments | 11 tweets | 6 linkedin
Target says 40 million cards may have been compromised in data breach

Target says 40 million cards may have been compromised in data breach

19 December 2013  |  10189 views  |  2 comments | 11 tweets | 12 linkedin

Related blogs

Create a blog about this story (membership required)
visit www.finastra.comvisit www.niceactimize.comvisit www.abe-eba.eu

Top topics

Most viewed Most shared
German fintech factory FinLeap raises EUR39 millionGerman fintech factory FinLeap raises EUR3...
13122 views comments | 19 tweets | 15 linkedin
Mastercard to buy AI outfit BrighterionMastercard to buy AI outfit Brighterion
9236 views comments | 14 tweets | 20 linkedin
Barclays rides payments-as-a-service wave with investment in Form3Barclays rides payments-as-a-service wave...
8319 views comments | 16 tweets | 12 linkedin
hands typing furiouslyThe Digital Trade Chain: the blockchain tr...
8002 views 0 | 7 tweets | 16 linkedin
Mastercard and Scotiabank join Enterprise Ethereum AllianceMastercard and Scotiabank join Enterprise...
6812 views comments | 25 tweets | 15 linkedin

Featured job

Competitive
London, UK (or flexible)

Find your next job