Neiman Marcus Announces a Data Breach, Target’s Numbers Jump to 110 Million Customers Affected

Neiman Marcus announced Friday that it was a target of a massive cyber attack, with as many as 70 million customers’ personal information being swiped, including names, addresses, email addresses and telephone numbers. Officials do not know if the attack is related to the Target data breach.

Target’s January 10th announcement by the company’s spokesperson brings the number of customers who had information stolen to 110 million, and now the information includes names, addresses and email addresses for 70 million customers who did not swipe cards in Target stores.

To make matters worse, it looks as if we may just be scratching the surface of this problem, as sources are saying that there were three more breaches that happened just before the holiday shopping season. As of yet, those retailers haven’t gone public, but sources suggest that they are retail chains with outlets typically found in malls.

Investigators are suggesting that the three smaller attacks before the holidays were a sort of trial run, before the culprits hit Target and Neiman Marcus, and think that the breach originated from Eastern Europe, where most of the large cyber crime cases originate.

While the retailers have yet to disclose exactly how the attackers accessed their data systems, the experts seem to agree that it was most likely a piece of malware that is known as a RAM scraper. This malicious software grabs sensitive information, which is normally encrypted, when it travels through the live memory of the computer in readable text.

Target has stated that most of the stolen data is incomplete, but in instances where they have an email address, Target will attempt to contact affected customers. Because both online and in store purchases are potentially breached, anyone who shopped at or in stores should keep a close eye on their financial accounts.

Neiman Marcus is also working on letting its affected customers know of the breach, which so far only impacts customers that shopped in store over the holiday season.

Ready to secure your company’s data? Contact us today!