Neiman Marcus Security Breach Update: Over 1M Customers Had Information Stolen

Neiman Marcus announced that nearly 1.1 million of its customers may have had their debit and credit card information stolen. The announcement comes less than one month after the luxury retailer first announced it had been compromised during a data breach in 2013.

The data breach occurred over the course of several months, from July to October, The Associated Press reported Thursday. The information was hacked through malware that was placed in Neiman Marcus's system.

"It appears that the malware actively collected or "scrapped" credit card data from July 16, 2013 to October 30, 2012. During those months, approximately 1, 100, 000 customer payment cards could have potentially been visible to the malware," the retailer said in a statement on its website.

A forensics company discovered the hacker's software, and alerted Neiman Marcus about the breach at the beginning of the year.

"On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers' cards were possibly compromised as a result," Neiman Marcus said in its statement. "At this time, the malicious software we have found has been disabled."

After further investigation, Visa, Discover, and MasterCard found out that 2,400 Neiman Marcus and Last Call cards were used without the owner's consent, the AP reported. Last Call is the clearance items branch of Neiman Marcus, the AP reported.

Customers who shopped at Neiman Marcus' website, and customers who used Neiman Marcus private credit cards were not affected by the breach. The Dallas-based company also announced that customer birth dates and Social Security numbers were not stolen, the AP reported.

The data breach is part of a string of mass security breaches to hit the retail industry in recent months. Target recently announced over 70 million of its customers had their credit and debit card information stolen in a security breach that occurred during the 2013 holiday season. Six other U.S. retailers, who have not been named, have also had their systems hacked.

Real Time Analytics