Over 1.1 million American credit card holders have been affected by a point of sale data breach at luxury retail chain Neiman Marcus. The high-end retailer confirmed that credit card details have been stolen using point of sale malware installed on its computer systems between 18 July and 30 October 2013.
Hackers are believed to have accessed the company’s large network of point of sale payment systems and installed the malware, which logged customer data, including credit card payment information. Neiman Marcus stated that 2,400 of the cards had since been used to make fraudulent purchases over the Internet.
The breach has worried credit card users across the United States, with links being drawn between the point of sale hack at retail chain Target and the recent security breach at Neiman Marcus. The malware reportedly “scraped” credit card data from the company’s database.
Neiman Marcus is beefing up its security systems to avoid another breach, stating it had already taken “extensive security precautions” to stop more customer data from being stolen. Investigators are currently unsure of the data breach’s links to similar hacking cases involving big-box retail chain Target.
In response to the security beach, Neiman Marcus is offering customers affected by the data theft free credit card security monitoring services. Karen Katz, president and chief executive at Neiman Marcus Group, said that she was “very sorry” that customers’ cards were being used fraudulently after shopping at their stores.
The security breach at Target used a modified version of BlackPOS – a malicious PC application designed to penetrate retail security systems and steal data from credit cards and other payment methods. The FBI believes that over 20 US retailers have been targeted by groups of hackers using the malware in the last year.
