Neiman Marcus Targeted by Same Hackers Who Targeted Target? Upscale Retailer Breached During Same Approximate Time Frame.

Posted on January 14th, 2014 by Dan Rampe

Neiman Marcus

Neiman Marcus has a reputation for expensive merchandise – especially for holiday shoppers looking for a unique gift. Included in last year’s offerings were a trip that starts at De Beers where the gifted claims and names his/her (we want to be politically correct here) 25-carat diamond. Then it’s on to Namibia to learn about ethical diamond sourcing before ending up in the USA where the person receiving the gift designs her/his ring: $1,850,000… an Aston Martin Vanquish Volante with a naturally aspirated 6.0-liter, V-12 engine producing 565 horsepower with 45 pound-feet of torque and reaches 180-plus mph: $344,500…an outdoor entertainment system with a television that stores itself underground and with the click of a button, emerges into a 201” C SEED screen with DirecTV and a library: $1,500,000-2,640,000.

Though it can be pricey, one thing Neiman Marcus hadn’t intended offering customers, but did anyway, was the opportunity to have their personal information compromised by cybercriminals.

Was the Neiman Marcus breach related to the Target attack? No one knows for sure or at least they’re not saying. But Brian Krebs on krebsonsecurity.com points out that “Target has so far not publicly released information that would help other retailers determine whether their systems may have been hit by the same attackers.”

Calling on financial industry sources, Krebs stated that, “an increasing number of fraudulent credit and debit card charges…were being traced to cards that had been very recently used at brick-and-mortar stores run by the Dallas, Texas based high-end retail chain. Sources said that while it appears the fraud on those stolen cards was perpetrated at a variety of other stores, the common point of purchase among the compromised cards was Neiman Marcus.”

The company issued a statement saying that, “Neiman Marcus was informed by our credit card processor in mid-December of potentially unauthorized payment card activity that occurred following customer purchases at our Neiman Marcus Group stores.

“We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading investigations, intelligence and risk management firm, and a leading forensics firm to investigate the situation. On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers’ cards were possibly compromised as a result. We have begun to contain the intrusion and have taken significant steps to further enhance information security.”

ThreatMetrix secures Web transactions against account takeoverpayment fraudidentity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial servicesenterprisee-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.