Krebs on Security, the same publication that first reported the Target hack in which up to 70 million customers were affected, has since learned of a second retailer that has fallen victim to a similar attack.
Earlier in the week, Krebs started hearing from sources in the financial industry about a rising number of fraudulent credit and debit card charges that were all traced back to cards that had recently been used at brick-and-mortar stores owned by high-end retail chain Neiman Marcus.
After reaching out to the company, a spokesperson confirmed they are indeed investigating a breach that was first uncovered in mid-December. At present, Neiman Marcus doesn’t know the cause, size or duration of the breach but they are being sought by a third-party forensics firm that is conducting an ongoing investigation. They’re also working with the US Secret Service, according to a formal statement on the matter.
The good news is that there is currently no evidence that suggests the company’s online store was affected by the breach.
Consumers are still reeling from the Target Black Friday hack late last year. Target initially said up to 40 million cards may have been at risk but now they’ve come forward and said that the names, mailing addresses, phone number and e-mail addresses for up to 70 million shoppers may have also been compromised.
I know of at least one bank that is taking proactive measures and issuing members new debit cards and I suspect others are likely doing the same thing.
There’s no evidence at this time that the Target and Neiman Marcus breaches are related.