Don't let them infect your devices

Neiman Marcus Data Breach

In January, Neiman Marcus confirmed that it had suffered a data breach. Initially only a few details were released - all that was shared was that fraudulent charges were found on credit and debit cards of customers of Neiman Marcus. It did not reveal what types of data were stolen or how many customers were affected. A few weeks later, it was revealed that the data breach was much worse than originally thought. Neiman Marcus has since announced that cyber criminals had hacked into their system and had been operating within it for several months. Over 1.1 million credit and debit cards were affected. In this particular hack, the payment terminals inside Neiman Marcus stores were installed with malware. Interestingly enough the malware is the same that attacked Target, and exposed the information of over 110 million customers. Investigators anticipate that the hackers are from Eastern Europe. Neiman Marcus has since shared that the malware infected it’s systems between July 16 and October 30, 2013, and that 2,400 of the cards used at infected terminals have been used fraudulently. The company only discovered the data theft in December, when unauthorized charges were appearing on cards.  

How did the data breach happen?

So how exactly did this malware capture credit and debit card data? By infecting the terminals, the malware was able to capture the data. During the payment authorization process, the credit card data is decrypted for a split second in order to gain authorization. RAM-scraping malware steals the unencrypted data. Between the recent hack attacks on Target and Neiman Marcus, the US government has a renewed focus on credit cards and their security. Most of Europe has adopted EMV technology, which has helped to bring about a dramatic reduction in credit card fraud. In contrast, credit card fraud has increased in the US, currently responsible for 27% of credit card transactions globally, but victim to 47% of credit card fraud. Have you ever had your credit card information stolen? Tell us!

Written by Kirsten Dunlaevy

Kirsten Dunlaevy is a blogger for BullGuard. With a background in advertising and branding she is extremely familiar with the ups and downs of social media and the world of communication. Kirsten is here to educate you on how to navigate all things digital, in a safe and responsible manner. Her other passions are decidedly un-digital, she loves being out on the water and cooking.

More articles by Kirsten Dunlaevy


  • Jeff D. Bump

    13 Apr 2016, 12:17

    Thank you for the article!
    When it comes to data security I always suggest keeping employees informed of how to deal with important data in order to prevent a data breach. The statistics say that more than 50% of data breaches are caused by people. One more suggestion is to use <a href="" rel="nofollow">ideals data room</a> for business processes.

Leave a Reply




Please enter the code

Please enter the captcha code!

Security code

Ranked #1 by industry experts

BullGuard Internet Security Cup

Internet Security

Free download
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.