- CyberCrime Center
January 14, 2014
Neiman Marcus has a reputation for expensive merchandise – especially for holiday shoppers looking for a unique gift. Included in last year’s offerings were a trip that starts at De Beers where the gifted claims and names his/her (we want to be politically correct here) 25-carat diamond. Then it’s on to Namibia to learn about ethical diamond sourcing before ending up in the USA where the person receiving the gift designs her/his ring: $1,850,000… an Aston Martin Vanquish Volante with a naturally aspirated 6.0-liter, V-12 engine producing 565 horsepower with 45 pound-feet of torque and reaches 180-plus mph: $344,500…an outdoor entertainment system with a television that stores itself underground and with the click of a button, emerges into a 201” C SEED screen with DirecTV and a library: $1,500,000-2,640,000.
Though it can be pricey, one thing Neiman Marcus hadn’t intended offering customers, but did anyway, was the opportunity to have their personal information compromised by cybercriminals.
Was the Neiman Marcus breach related to the Target attack? No one knows for sure or at least they’re not saying. But Brian Krebs on krebsonsecurity.com points out that “Target has so far not publicly released information that would help other retailers determine whether their systems may have been hit by the same attackers.”
Calling on financial industry sources, Krebs stated that, “an increasing number of fraudulent credit and debit card charges…were being traced to cards that had been very recently used at brick-and-mortar stores run by the Dallas, Texas based high-end retail chain. Sources said that while it appears the fraud on those stolen cards was perpetrated at a variety of other stores, the common point of purchase among the compromised cards was Neiman Marcus.”
The company issued a statement saying that, “Neiman Marcus was informed by our credit card processor in mid-December of potentially unauthorized payment card activity that occurred following customer purchases at our Neiman Marcus Group stores.
“We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading investigations, intelligence and risk management firm, and a leading forensics firm to investigate the situation. On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers’ cards were possibly compromised as a result. We have begun to contain the intrusion and have taken significant steps to further enhance information security.”
ThreatMetrix secures Web transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.
Posted by Dan Rampe
Tags: Account Takeover, Account Takeover Fraud, Bank Fraud, CNP fraud, Cookieless Device Identification, Cookies, Credit Card Fraud, Cyber attacks, Data Breach, Device Detection, Device Fingerprint, Device Fingerprinting, Device ID, Device Identification, Fraud Prevention, Hacking, Identity Spoofing, Malware, Malware Detection, Malware Protection, Man-in-the-Browser Detection, MitB, Mobile fraud, Neiman Marcus, Neiman Marcus Data Breach, Online Fraud, Phishing, Phishing Detection, PII, ThreatMetrix, ThreatMetrix Global Trust Intelligence Network, ThreatMetrix Web Fraud Map, TrustDefender Cybercrime Protection Platform, Web Fraud