1.1 million payment cards exposed to malware in Neiman Marcus hack

Neiman Marcus has determined that a data breach extending from July until October of 2013 exposed as many as 1.1 million payment cards to malware, and that 2,400 cards have been used fraudulently as a result.
Neiman Marcus acknowledged the breach two weeks ago and made further details available in a statement this week.

“While the forensic and criminal investigations are ongoing, we know that malicious software (malware) was clandestinely installed on our system,” Neiman Marcus wrote. “It appears that the malware actively attempted to collect or ‘scrape’ payment card data from July 16, 2013 to October 30, 2013. During those months, approximately 1,100,000 customer payment cards could have been potentially visible to the malware. To date, Visa, MasterCard, and Discover have notified us that approximately 2,400 unique customer payment cards used at Neiman Marcus and Last Call stores were subsequently used fraudulently.”

The New York Times reported that “the malware installed on terminals in Neiman Marcus stores seems to be the same malware that infiltrated Target’s systems.” The Target breach was much bigger, exposing credit and debit card information for about 40 million customers and a separate set of personal information on an additional 70 million customers.

Read 2 remaining paragraphs | Comments

via Ars Technica http://ift.tt/1hs8hnZ

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s