Neiman Apologizes for Hack, Which Reportedly Dates Back to July

Neiman Marcus this week apologized for a recent hack that resulted in stolen customer credit card data, and offered customers one year of free credit monitoring.

The retailer said that Social Security numbers and birth dates were not compromised "as best we know today," and the breach does not appear to have affected those who shopped online. Neiman does not use PIN pads in its stores, so PINs are safe.

Neiman first became aware of the problem in mid-December when "we were informed of potentially unauthorized payment card activity that occurred following customer purchases at our stores." The store hired a forensic investigator, who on Jan. 1 found evidence of a criminal cyber-security intrusion, and that investigation continues.

According to the New York Times, however, the intrusion dates back to July. The company acknowledged the breach after reporter Brian Krebs wrote about it.

"We deeply regret and are very sorry that some of our customers' payment cards were used fraudulently after making purchases at our stores," Karen Katz, president and CEO of the Neiman Marcus Group, said in a statement. "We have taken steps to notify those affected customers for whom we have contact information. We aim to protect your personal and financial information. We want you always to feel confident shopping at Neiman Marcus, and your trust in us is our absolute priority."

Neiman has disabled the malware it uncovered, she said, enhanced its security tools, and assessed and reinforced its related payment card systems. Still, Katz urged customers to watch their statements carefully and report any suspicious activity. Brands like Visa, MasterCard, American Express, Discover, and the Neiman Marcus card provide zero liability for those who had their numbers stolen.

Anyone who has made a payment card purchase at Neiman Marcus in the past year will get one year of free credit monitoring service. Details will be posted online by Friday, Jan. 24.

The Neiman hack comes after Target was also hit by hackers who compromised the accounts of upwards of 70 million shoppers. Target CEO Gregg Steinhafel told CNBC recently that the firm doesn't "know the full extent of what transpired, but what we do know is that there was malware installed on our point-of-sale registers. That much we've established."

Target and Neiman might not be the only ones hit by scammers. According to Reuters, three other retailers experienced similar incidents over the same time period.

About Our Expert

Chloe Albanesius

Executive Editor, News

My Experience

I started out covering tech policy in DC for The National Journal, where my beat included state-level tech news and all the congressional hearings and FCC meetings I could handle. I later covered Wall Street trading tech before switching gears to consumer tech. I now lead PCMag's news coverage.

My Areas of Expertise

Getting my start in DC means I still have a soft spot for tech policy; Congressional hearings can sometimes be as entertaining as a Bravo reality show, for better or worse. But PCMag is all about the technology we use every day, as well as keeping an eye out for the trends that will shape the industry in the years ahead (or flop on arrival). I've covered the rise of social media, the iOS vs. Android wars, the cord-cutting revolution that's now left us with hefty streaming bills, and the effort to stuff artificial intelligence into every product you could imagine. This job has taken me to CES in Vegas (one too many times), IFA in Berlin, and MWC in Barcelona. I also drove a Tesla 1,000 miles out west as part of our Best Mobile Networks project. Of late, my focus is on our hard-working team of reporters at PCMag, guiding and editing their robust coverage.

Read the latest from Chloe Albanesius

Read full bio