Neiman Marcus Group has become the second major US retailer in the last month to admit that hackers have compromised its systems, making off with customer card details.
In a statement, the Dallas-headquartered retailer says that it was told by its merchant processor in mid-December that unauthorised card activity had been spotted after purchases at its stores.
A subsequent investigation by an outside forensics firm found evidence of a cyber-breach and that "some customers' cards were possibly compromised as a result".
Citing sources, the Wall Street Journal says that fewer than one million cards were compromised while the firm used Twitter to say that it was notifying customers "whose cards we know were used fraudulently after purchasing at our stores".
News of the breach comes just days after Target admitted that up to 70 million - not as initially claimed 40 million - customers may have had their cards compromised in its data breach.
According to Reuters, Target and Neiman Marcus are not the only merchants to have been hit by crooks over the holiday period. Citing sources, the wire service says that at least three other well-known retailers have suffered smaller breaches but have not yet gone public with the news.
Law enforcement agencies suspect that the spate of attacks is being masterminded from Eastern Europe.
The National Association of Federal Credit Unions has used the breaches to call on Congress to bring in legislation that would make retailers responsible for breaches of their systems.
Says CEO Dan Berger: "Credit unions and other financial institutions aren't the problem. There are ample rules in place to ensure data protection standards at financial institutions. Still, consumers and small financial institutions - including credit unions - are picking up the tab for retailers."
The National Retail Federation, that represents Target, Wal-Mart and other big stores, has called on banks and retailers to speed up the introduction of EMV-based chip cards to boost security and consumer confidence in the industry.