Hackers slurp credit card details from US luxury retailer Neiman Marcus

Meanwhile, 2 million 'high value' cards were just dumped on black market - fraud-watcher...

Upmarket US department store Neiman Marcus has been hit by hackers who broke into systems before lifting an as-yet-unspecified number of credit and debit card details.

Neiman Marcus confirmed a security breach in a series of updates to its official Twitter account and apologised, without detailing the extent of the problem or commenting on its possible cause.

"The security of our customers' information is always a priority and we sincerely regret any inconvenience," the retailer said, before adding "we are taking steps, where possible, to notify customers whose cards we know were used fraudulently after purchasing at our stores."

Neiman Marcus provided a longer statement to investigative journalist Brian Krebs, who first reported the breach.

Neiman Marcus was informed by our credit card processor in mid-December of potentially unauthorised payment card activity that occurred following customer purchases at our Neiman Marcus Group stores.

We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading investigations, intelligence and risk management firm, and a leading forensic firm to investigate the situation. On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers’ cards were possibly compromised as a result.

We have begun to contain the intrusion and have taken significant steps to further enhance information security.

The security of our customers’ information is always a priority and we sincerely regret any inconvenience. We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after making a purchase at our store.

Daniel Ingevaldson, CTO at fraud protection firm Easy Solutions, said fraud-watchers noticed a big dump of around two million high-value cards hitting the black market around the start of the year, something he theorised on Friday might have come from the Neiman Marcus breach.

"On Jan 4th, we saw a dump of 2 million cards onto the black market - one of the largest single day drops we've seen in a while. While we can't definitively say what the source of the breach was, the percentage of Extremely High Value cards is significantly higher than we see on average," Ingevaldson said in a blog post. "These are cards like the Amex Centurion card - an invite-only card that comes with a $7,500 setup fee and $2,500 annual fee. While it is hard to determine from a single black market, this would indicate these could come from a high end source, such as Neiman Marcus."

The latest attack against a high-profile US retailer dates from the middle of the Christmas shopping season, around the same time as a massive breach against US chain Target that resulted in the theft of 40 million credit and debit card records as well as 70 million sets of personal information.

Sources in the information security industry are telling El Reg that the Target breach involved installing malware on point-of-sale systems, a theory that's consistent with media statements by Target chief exec Gregg Steinhafel over the weekend.

Reuters reports investigators as saying that the Target and Neiman Marcus breaches have several features in common with each other – as well as with a series of hacks over the holiday season that also affected three other retailers in less significant breaches. The latter breaches are likely to become public over the next few days or so. Sources told the news agency that the as-yet-unidentified attackers used similar techniques and malware to siphon the data, prompting some to speculate that all of the incidents could be linked. ®
