On Friday, Neiman Marcus Group, an upscale retailer operating 40 stores across the US, confirmed that customers’ credit and debit card information was compromised in cyber-attacks during the holiday season. Though the company hasn’t disclosed the extent to which security has been breached, nor the number of stores that were affected by the hacking, the retailer reported that on January 1, a forensic company found evidence of a cyber-security intrusion in its stores.
In mid-December, the Neiman Marcus Group was notified about the possible breach when a credit card processor told the company about potential unauthorized payment activity during the month. The retailer is now working with the US Secret Service to investigate the matter, and is taking steps to notify customers who might have been affected by the breach in its information security. It tweeted: "We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after purchasing at our stores."
Ginger Reeder, a spokesperson for the retailer, said: “We have begun to contain the intrusion and have taken significant steps to further enhance information security.”
Neiman Marcus Group is the second retailer to report such an incident. On December 19 last year, Target Corporation (TGT) reported a major security breach that compromised the information of 40 million debit and credit cardholders who had shopped at Target’s US stores between November 27 and December 15. As the investigation continues, management has given an update saying that the breach may actually have affected 70 million customers.
Sources who refused to be named said that three other well-known retailers with outlets in malls might also have been attacked by hackers during the holiday season, using the same techniques as those in Target’s cyber-attack. This is not certain though, as the investigation is still in progress.
Avivah Litan, a security analyst at Connecticut-based research firm Gartner Inc., said: “Target was not the only retailer who got hit, but they got hit the biggest.” She revealed that she learned about various breaches occurring a few months before Thanksgiving. She further said that investigators believe that these were staged as trial attacks for Target.
Target Corporation (TGT) hasn’t disclosed the technique that was used in the attacks, but investigators suspect that one piece of malware that might have been used in the process is a so-called RAM scraper. This memory-parsing software could have grabbed encrypted data as it traveled through the RAM of Target’s computers.
Law enforcement agencies suspect the involvement of hackers from Europe in the matter, as the biggest cyber-crime cases reported during the past decade have come from that region.
Investigators suspect that the retailers that may have faced a similar breach during the holiday season might have been attacked by the same hackers who broke through Target’s security, using the same technology.