Joe Mabel/Creative Commons
Retailer Neiman Marcus informed customers on Friday evening that the company’s data security systems had been compromised in December, resulting in the potential theft of customer credit card data.
According to the company, the attack was carried out in mid-December. Neiman Marcus was informed by its merchant processor of potentially unauthorized credit card activity, and it launched an investigation with an unnamed intelligence and risk management firm to uncover the extent of the breach. The company is also working with the U.S. Secret Service, as well as the payment brands involved.
“On January 1st, the forensics firm discovered evidence that [Neiman Marcus] was the victim of a criminal cyber-security intrusion and that some customers’ cards were possibly compromised as a result,” company spokesperson Ginger Reeder told Re/code. “We have begun to contain the intrusion and have taken significant steps to further enhance information security.”
The intrusion comes just weeks after retail giant Target disclosed that it had fallen prey to a massive security breach of its systems, resulting in the potential theft of data on more than 70 million customers.
The Texas-based Neiman Marcus hasn’t disclosed the extent to which its customers were affected, nor how many accounts may have been compromised.
“The security of our customers’ information is always a priority and we sincerely regret any inconvenience,” Reeder said. “We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after making a purchase at our store.”