Newest data leakage victim: Neiman Marcus

by Charles Leaver

January 16, 2014

access_time 4 min read

Due to recent reports that the data leakage was more extensive than first reported, nearly everyone has heard about Target being the victim of a cyberattack. However, the retailer is not the only store that was breached during last year's holiday shopping season.

High-end merchant Neiman Marcus has begun notifying customers that personal information may have been compromised when hackers infiltrated its systems, according to IDG News Service. The group first became aware of the data leakage when its merchant card processor notified them of suspicious activity.

"On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cybersecurity intrusion and that some customers cards were possibly compromised as a result," Neiman Marcus said in a statement. "We have begun to contain the intrusion and have taken significant steps to further enhance information security."

Currently, the number of customers affected by this breach has yet to be disclosed, however, the news outlet reported that affected data includes customer payment card information.

Data leakage yet to be announced
As Neiman Marcus joins Target as well-known victims of data leakage, Reuters reported that other retailers may soon come forward as well. These attacks may be similar to several other breaches that took place earlier this year.

"Smaller breaches on at least three other well-known U.S. retailers took place and were conducted using similar techniques as the one on Target, according to the people familiar with the attacks," Reuters reported.

The only information released about the other breaches is that they involved vendors with outlets in several malls. Furthermore, expert sources stated that these attacks may have been carried out by the same individual or hacker group, but as investigations into these occurrences are still ongoing, they cannot be sure.

Why data leakage continues to occur
As more retailers announce data leakage, security blogger Brian Krebs noted that it raises the question as to why this information theft keeps happening. Krebs was the first to report the data leakage at Target and Neiman Marcus, according to Motley Fool, and is in a unique position to shed light on this subject.

Krebs noted that in many cases of data breaches, vendors may not realize they have been attacked until someone else notifies them, as with the Neiman Marcus leakage. This can include alerts from law enforcement, security firms, or banks that may notice fraud or suspicious activity and traced these activities back to the merchant.

Krebs also magnetic stripes, such as those on common payment cards in the U.S., are cheap to create but easy to hack and will thus continue to be a target for criminals.