The TARGET Hack was not the only massive Data breach that happened during the last Black Friday, but also other three major US Retailers were also hacked.
Recently, Neiman Marcus also confirmed a data breach that involves Credit card theft from its customers during the holiday shopping season, using similar techniques to the one that penetrated Target last month.
Neiman Marcus has 79 stores and reported total sales of $1.1 Billion in the Q4 2013. Neiman Marcus revealed that its customers are at risk after hackers breached servers of the company and accessed the payment information of those who visited its stores.
The company is working to inform customers whose cards have been used for fraudulent purchases, but differently from the case of retailer Target, the company hasn't provided information on the nature of data leaked and on the number of customer records exposed.
Neiman Marcus spokesperson Ginger Reeder announced that the company does not yet know the cause, size or duration of the data breach. She also added that there is no evidence of a possible impact on those shoppers who purchased from the online stores.
The entirety of the company’s formal statement is as follows:
“Neiman Marcus was informed by our credit card processor in mid-December of potentially unauthorized payment card activity that occurred following customer purchases at our Neiman Marcus Group stores.
We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading investigations, intelligence and risk management firm, and a leading forensic firm to investigate the situation. On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers’ cards were possibly compromised as a result. We have begun to contain the intrusion and have taken significant steps to further enhance information security.
The security of our customers’ information is always a priority and we sincerely regret any inconvenience. We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after making a purchase at our store.”
Neiman Marcus was informed in mid-December by its credit card processor and subsequently reported the data breach to law enforcement. The company apologized to its customers for the incident and confirmed that it is working to notify those whose cards were used fraudulently after visits to Neiman Marcus stores.
Cyber criminal activities are more frequent during the holiday season, experts hypothesized also a possible connection between this data breach and the one occurred to Target retailer.
"In the wake of the Target breach, customers, lawmakers and consumer advocates have stepped up calls for Congress to set guidelines on how merchants should protect consumer data. In a statement Friday, Sen. Edward J. Markey (D-Mass.) said that the Target breach illustrates a need for clear, strong privacy and security standards across all industries. When a number equal to nearly one-fourth of America’s population is affected by a data breach, it is a serious concern that must be addressed,” he said.
Are Target and Neiman Marcus two isolated cases?
"Target Corp and Neiman Marcus are not the only U.S. Retailers whose networks were breached over the holiday shopping season last year, according to sources familiar with attacks on other merchants that have yet to be publicly disclosed." reported a post by Reuters.
According to the people familiar with the attacks, the technique adopted by attackers is the same to the one against Target. More breaches may have yet to come in light and rumors refers similar incidents may have occurred earlier last year.
There is the suspect the perpetrators may be the same as those who attacked Target retailer, likely the ring leaders are from Eastern Europe.
Security analysts expect an increment for illicit activities related to credit and debit card abuses, and they also sustain that it can be more difficult for retailers and credit card issuers to detect patterns of unusual spending.