Neiman Marcus is latest victim of security breach
Neiman Marcus confirmed Saturday, Jan. 11, 2014 that thieves may have stolen customers’ credit and debit card information and made unauthorized charges over the holiday season, becoming the second retailer in recent weeks to announce it had fallen victim to a cyber-security attack. (M. Spencer Green/Associated Press)
Luxury merchant Neiman Marcus confirmed Saturday that thieves stole some of its customers’ payment card information and made unauthorized charges over the holiday season, becoming the second retailer in recent weeks to announce it had fallen victim to a cyber-security attack.
The hacking, coming weeks after Target Corp. revealed its own breach, underscores the increasing challenges that merchants have in thwarting security breaches.
Target stores hit by data breach affecting 40 million cards
Target says about 40 million credit and debit card accounts may have been affected by a data breach linked to recent purchases in its U.S. stores.
The chain said Thursday that the accounts may have been impacted between Nov. 27 and Dec. 15.
The dates include the busy Black Friday shopping period surrounding the U.S. Thanksgiving holiday, which was on Nov. 28.
Canadian stores weren’t affected, a Target spokeswoman told CBC News by email today. The discount retailer didn’t immediately specify where the affected stores were located except that they were in the United States.
Target Corp. said customers who made purchases at its U.S. stores during the period and suspected unauthorized activity should call them at 866-852-8680.
May be continuing
The breach was first reported Wednesday by Brian Krebs, a security blogger, the New York Times said.
While the breach began the day after Thanksgiving, it may be continuing, the Times said, citing a person involved in the investigation.
It wasn’t immediately clear whether Target’s online customers were affected, the Times said. The criminals’ goal was apparently to get information from customers’ credit and debit cards, potentially including personal identification numbers (PINS).
The Minneapolis company said it immediately told authorities and financial institutions once it became aware of the breach and that it is teaming with a third-party forensics firm to investigate the matter.
“Target’s first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause,” said Gregg Steinhafel, Target’s chairman, president and chief executive officer.
Stores in Canada
“We take this matter very seriously and are working with law enforcement to bring those responsible to justice.”
Target has 1,797 U.S. stores and 124 in Canada.
The company has only been operating stores in Canada since March 2013, when it began a long-planned national roll-out in southern Ontario.
Target is just the latest retailer to be hit with a data breach problem. TJX Cos., which runs stores such as T.J. Maxx, Marshall’s and Winners, had a breach that began in July 2005 that exposed at least 45.7 million credit and debit cards to possible fraud. The breach wasn’t detected until December 2006.
In June 2009 TJX agreed to pay $9.75 million US in a settlement with multiple states related to the massive data theft but stressed at the time that it firmly believed it did not violate any consumer protection or data security laws.
As part of that announcement, the company said customers’ names, credit and debit card numbers, card expiration dates, debit-card PINs and the embedded code on the magnetic strip on the back of cards had been stolen.
According to new information gleaned from its investigation with the Secret Service and the Department of Justice, Target said Friday that criminals also took non-credit card related data for some 70 million customers. This is information Target obtained from customers who, among other things, used a call center and offered their phone number or shopped online and provided an email address.
Some overlap exists between the 70 million individuals and the 40 million compromised credit and debit accounts, Target said.
When Target releases a final tally, the theft could become the largest data breach on record for a retailer, surpassing an incident uncovered in 2007 that saw more than 90 million records pilfered from TJX Cos. Inc.
Target acknowledged Friday that the news of the data theft has scared some shoppers away. It cut its earnings outlook for the quarter that covers the crucial holiday season and warned that sales would be down for the period.
How to improve your online safety
What are some easy steps to avoiding cyber crime?
- Should you have a different password for every website or application you use?
I’m going to say something that you won’t hear a lot of people say: write your passwords down. When I say that, don’t put it on a sticky note and put it in your monitor. I mean, write it down on a sheet of paper, stick it in a safe or your safety-deposit box. Realistically, you should change them on a regular basis, but people aren’t always going to remember their passwords.
- Make sure you have up-to-date anti-virus, and firewall on your local desktop.
1.Do you find that Canada and the United States with all the increases in internet sales, is lagging behind in cyber-security?
2. Why haven’t program developers by now. created full proof systems to prevent cyber fraud and hacking?
3. Have the above cyber-attacks deterred you the consumer from purchasing online or using your credit card or debit card?
To read more visit: Andre Mayer from the CBC News, “How to improve your online safety”
To read more on Target Stores and breach of security, visit CBC news
To read more on Neiman Marcus , latest victim on security breach, visit the Associated Press