Washington DC, USA. 12th Jan, 2014. A Neiman Marcus store in Washington, D.C. on January 12, 2014. The luxury retailer is the la
Alamy
By Sakthi Prasad
and Jim Finkle


Hackers breached the computer networks of luxury department store chain Neiman Marcus as far back as July, an attack that wasn't fully contained until Sunday, the New York Times reported, citing people briefed on the investigation.

Neiman Marcus said Friday that hackers may have stolen customers' credit and debit card information, the second cyberattack on a retailer in recent weeks.

Neiman Marcus had said it first learned in mid-December of suspicious activity that involved credit cards used at its stores.

However, in a call with credit card companies Monday, Neiman acknowledged that the attack had only been fully contained a day earlier, and that the time stamp on the first intrusion was in mid-July, the paper said.

Neiman Marcus spokeswoman Ginger Reeder declined to comment to Reuters on the New York Times report about the July hack attack.

"We did not get our first alert that there might be something wrong until mid-December.
We didn't find evidence until Jan. 1," Reeder told Reuters late Thursday.

Neiman Marcus didn't say how many credit cards were affected but said that customer social security numbers and birth dates weren't compromised.

"Customers that shopped online do not appear at this time to have been impacted by the criminal cyber-security intrusion. Your PIN was never at risk because we do not use PIN pads in our stores," Chief Executive Officer Karen Katz wrote in a letter to customers, a copy of which was posted on the company's website.

Katz said the company has taken steps to contain the situation, including working with federal law enforcement, disabling the malware and enhancing security tools.

The company is also assessing and reinforcing its related payment card systems, Katz said.

The U.S. government Thursday provided merchants with information gleaned from its confidential investigation into the massive data breach at Target (TGT), in a move aimed at identifying and thwarting similar attacks that may be ongoing.



Increase your money and finance knowledge from home

Finding Stock Ideas

Learn to do your research and find investments.

View Course »

Basics Of The Stock Market

Stock Market 101 - everything you need to know but were afraid to ask!

View Course »

Add a Comment

*0 / 3000 Character Maximum

3 Comments

Filter by:
tmlbtb

Why is it, that the Europeans have a smart card to prevent getting hacked and the Americans are still stuck with the old credit cards with no security built in? Why? Again, because the credit card companies don't want to make the investment, and Congress is paid to look the other way.

January 20 2014 at 3:00 PM Report abuse rate up rate down Reply
Big John

I used to be in management with a large retailer and I can tell you the whole problem rest on the retailer who does not want to spend the money to protect themselves and their customers. If you would just stop shopping at the ones who refuse to protect your privacy I can assure you they would change their position and spend the necessary funds to protect you.

January 17 2014 at 4:23 PM Report abuse +1 rate up rate down Reply
shy32atlanta

neiman marcus also let an employee bleed into food through an exposed wristbone. another employee the manager said "fire him he has HIV" made food with no gloves. you cant trust the deceitfull CEO karen katz

January 17 2014 at 1:23 PM Report abuse rate up rate down Reply