Neiman Marcus confirmed today that hackers stole some of its customers’ payment card information and made unauthorized charges over the holiday season, becoming the second retailer in recent weeks to announce it had fallen victim to a cyber-security attack. Just a few weeks ago, Target came forward and announced that about 40 million debit and credit card accounts were stolen as part of the breach that started over Thanksgiving weekend in November 2013. Although no estimate of how many individual’s cards have been compromised exists, the company began to notify customers whose cards were used fraudulently.
Ginger Reeder, spokeswoman for Dallas-based Neiman Marcus Group Ltd., said in an email Saturday that the retailer had been notified in mid-December by its credit card processor about potentially unauthorized payment activity following customer purchases at stores. A forensics firm confirmed evidence that the upscale retailer was a victim of a criminal cyber-security intrusion and that some customers’ credit and debit cards were possibly compromised as a result.
“The cause, size, and duration of the attack are currently unknown, pending the completion of a third-party forensics investigation,” said Reeder. The company is working with the Secret Service on the breach.