The Switchboard: Target may have just been the tip of the retail hacking iceberg

MIAMI, FL - DECEMBER 19:  A customer uses the credit card scanner at a Target store on December 19, 2013 in Miami, Florida. Target announced that about 40 million credit and debit card accounts of customers who made purchases by swiping their cards at terminals in its U.S. stores between November 27 and December 15 may have been stolen.  (Photo by Joe Raedle/Getty Images)

MIAMI, FL - DECEMBER 19: A customer uses the credit card scanner at a Target store on December 19, 2013 in Miami, Florida. (Photo by Joe Raedle/Getty Images)

Published every weekday, the Switchboard highlights five tech policy stories you need to read.

Now Neiman Marcus appears to have been hacked, too. Brian Fung at the Switch reports on another retail hack. "The attack was discovered in mid-December by Neiman Marcus's credit card processor, a finding that was confirmed by a third-party security company on New Year's Day. An unknown number of credit card numbers may have been leaked as a result, according to a corporate statement provided to the researcher and journalist Brian Krebs."

Sources tell Reuters there are more well-known U.S. retailers victims of cyber attacks.  "Target Corp and Neiman Marcus are not the only U.S. retailers whose networks were breached over the holiday shopping season last year, according to sources familiar with attacks on other merchants that have yet to be publicly disclosed," write Jim Finkle and Mark Hosenball at Reuters."Smaller breaches on at least three other well-known U.S. retailers took place and were conducted using similar techniques as the one on Target," plus "similar breaches may have occurred earlier last year." The sources were anonymous, and The Washington Post could not immediately confirm the report.

The next data privacy battle may be waged inside your car. "Cars are becoming smarter than ever, with global positioning systems, Internet connections, data recorders and high-definition cameras," writes Jaclyn Trop in The New York Times. "Drivers can barely make a left turn, put on their seat belts or push 80 miles an hour without their actions somehow, somewhere being tracked or recorded." And that has privacy advocates increasingly nervous.

The law used to prosecute Aaron Swartz remains unchanged a year after his death. The Switch reminds readers that despite calls for reform, the Computer Fraud and Abuse Act (CFAA) remains intact a year after the suicide of programmer and activist Aaron Swartz. Swartz was facing up to 35 years in prison for allegedly using MIT's network to bulk-download documents from the academic database JSTOR. Many of the charges stemmed from the 1986 cybercrime law.

Supreme Court to consider rules on encouraging patent infringement. Brent Kendall in the Wall Street Journal reports that the Supreme Court will take up a patent case between Limelight and rival Akamai. "A splintered federal appeals court ruled in 2012 that Akamai could proceed with allegations that Limelight encouraged its customers to infringe an Akamai patent involving a method for helping website owners manage online traffic efficiently." Limelight, the appeals court said, "would be liable if Akamai could prove that Limelight performed some actions outlined in the patent and then directed its customers to perform the remaining steps in the patent."

Also on The Switch

Reports of the PC's death have been greatly exaggerated, readers argue