Neiman Marcus also Targeted by Holiday Season Hackers
Upscale retailer Neiman Marcus is the latest major corporation to announce that it was the victim of a cyber attack during the holiday shopping season.
The Dallas, Texas-based company, which operates nearly 80 department stores and clearance centers nationwide, said it learned in mid-December 2013 of the possible theft of customers’ debit and credit card data.
A digital forensics firm hired by Neiman Marcus subsequently uncovered evidence of “a criminal cyber-security intrusion and that some customers’ cards were possibly compromised as a result,” company spokeswoman Ginger Reeder said in a January 2014 statement to InformationWeek.
Neiman Marcus has not said how many of its customers may have been affected by the security breach. The company reported total revenues of $4.65 billion and net earnings of almost $164 million in fiscal year 2013.
“We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after purchasing at our stores,” the company said on its Twitter account.
Neiman Marcus’ announcement came as officials at Target continue in their attempts to quantify a breach of their customers’ data. In late December, the Minneapolis, Minn.-based company reported that hackers had stolen payment card data belonging to about 40 million shoppers over the course of nearly three weeks in November and December.
However, Target announced in January that personal information such as email addresses, names and telephone numbers had been stolen from an additional 70 million customers.
Spokeswoman Molly Snyder told USA Today that the company isn’t sure whether there’s any overlap between customers whose payment card information was stolen and those whose personal information was taken.
Two U.S. senators have asked for an update on the findings of Target’s investigation into the cyber attack.
“We expect that your security experts have had time to fully examine the cause and impact of the breach,” Jay Rockefeller, chairman of the Senate Commerce Committee, and Claire McCaskill, chairwoman of the Subcommittee on Consumer Protection, wrote in a Jan. 10 letter to Target’s chairman.
Rockefeller and McCaskill said they have been pushing for federal legislation that “would better protect consumers and improve consumer responsibility” in the case of such data breaches.
Bloomberg has reported that Target faces multiple lawsuits over the hacking. In one case, a Connecticut bank contends that it was forced reimburse customers who lost money and issue new cards because of the security breach.
Connecticut also is among several states whose attorneys general have said they will be probing the theft of customer data at Target and Neiman Marcus, according to Bloomberg.