The Washington Post

Now Neiman Marcus appears to have been hacked, too

(John Gress/Reuters file photo)

Hours after we learned that the hack against Target was much worse than initially feared, the retailer Neiman Marcus has also admitted it was compromised during the holiday season.

The attack was discovered in mid-December by Neiman Marcus's credit card processor, a finding that was confirmed by a third-party security company on New Year's Day. An unknown number of credit card numbers may have been leaked as a result, according to a corporate statement provided to the researcher and journalist Brian Krebs.

"We have begun to contain the intrusion and have taken significant steps to further enhance information security," the statement reads in part.

A Neiman Marcus spokesperson did not immediately respond to a question asking whether the company had completely sealed off the breach or conclusively identified the vulnerability that made the hack possible.

Given the coincidental timing, it's hard not to wonder whether the attacks on Neiman Marcus and Target are somehow related. On Friday, Target revised its impact estimate upward from 40 million affected customers to 70 million customers. But Neiman Marcus told Krebs it has no evidence to suggest a connection between the two hacks.

Brian Fung covers technology for The Washington Post, focusing on telecommunications and the Internet. Before joining the Post, he was the technology correspondent for National Journal and an associate editor at the Atlantic.
Show Comments

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.