Neiman Marcus has been notifying customers of a data breach after hackers stole merchant card information for an undisclosed number of shoppers.
The high-end retailer said it is working with the U.S. Secret Service and a forensics firm to investigate the theft, which it said it learned about in December from its merchant card processor.
”On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers cards were possibly compromised as a result,” Neiman Marcus said in an emailed statement.
”We have begun to contain the intrusion and have taken significant steps to further enhance information security,” the company said.
Neiman Marcus didn’t say how the break-in occurred or how many of its customers are affected, but it confirmed some customers’ card numbers were used improperly after they shopped at the store.
”We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after purchasing at our stores,” the company said via Twitter late Friday.
Neiman spokesperson Ginger Reeder said she couldn’t provide any further details at this time. The store apparently confirmed the break-in after being contacted by security reporter Brian Krebs on Friday.
The incident follows a massive data breach at Target, another major U.S. retailer. Target originally said about 40 million people were affected in that incident, but on Friday it said the number could be as high as 110 million, or about one third of the U.S. population.
In addition to credit and debit card numbers, thieves also took customer names, mailing addresses, phone numbers or email addresses, Target said in a statement released Friday.