Neiman Marcus Breach: A Wake-Up Call for Retailers

It wasnEUt nearly as bad as the Target breach, nevertheless Neiman Marcus is reporting 1.1 million debit and credit cards used in its retail stores were compromised in the recently-revealed 2013 security breach.

While the forensic and criminal investigations are ongoing, the luxury retailer has confirmed at least one point: malicious software, also known as malware, was clandestinely installed on its system. Neiman Marcus said it appears that the malware actively collected or "scraped" credit card data from July 16, 2013 to October 30, 2013.

EUDuring those months, approximately 1.1 million customer payment cards could have potentially been visible to the malware,EU the company said. EUTo date, Visa, MasterCard and Discover have notified us that approximately 2,400 unique customer payment cards used at Neiman Marcus and Last Call stores were subsequently used fraudulently.EU

A Wakeup Call

We turned to Tom Cross, director of security research at network security firm Lancope, to get his take on the ongoing breach stories. He told us other retail organizations are probably asking themselves if their systems were also compromised, and how well prepared they are to respond in the event that this happens to them.

EUHopefully the news of these major retail compromises will serve as a wake-up call to senior executives that cybersecurity incidents can have significant consequences for their businesses and they need to be prepared,EU Cross said.

Lancope recently commissioned a study by the Ponemon Institute on how well prepared IT organizations are to respond to cybersecurity incidents. Cross said Lancope learned that senior executives are often in the dark -- only 20 percent of survey respondents said their executives are frequently briefed on cybersecurity threats.

Unpreparedness Costs

According to Cross, that can mean organizations are underprepared, because the leadership team isn't aware of the risks, and therefore isn't investing adequately in preparedness.

EUMost of our respondents told...

Comments are closed.