Malicious software scooped up customer credit and debit card information between July 16 and Oct. 30 of last year, Neiman Marcus Group President and CEO Karen Katz said in a message on the retailer's website.
Visa (Fortune 500), , MasterCard (Fortune 500) and , Discover (Fortune 500) reported 2,400 cards were then used fraudulently, Katz said. She said customers have no liability for those purchases and can sign up for one year of free credit monitoring online at , www.protectmyid.com/nm. Neiman Marcus is attempting to notify impacted customers, Katz added.
Neiman Marcus acknowledged earlier this month its systems had been breached, but did not disclose a number of customers affected. The retailer says it first learned of the breach in December and began an investigation along with law enforcement. A security firm confirmed the breach on Jan. 1.
The breach did not include customer Social Security Numbers or PIN numbers associated with debit cards, Neiman Marcus said. Online shoppers were not impacted.
The software -- described as "sophisticated, self-concealing malware, capable of fraudulently obtaining payment card information" -- has since been disabled.
The Neiman Marcus incident began and ended before a much larger breach at discount retailer Target (Fortune 500). Up to 110 million Target customers had their personal information stolen during the busy holiday shopping season, Target said. ,
Although malware used at both retailers accomplished similar goals, Neiman Marcus said it knew of no connection between the two breaches.
|Canadians arrest a Heartbleed hacker|
|US Airways won't fire worker who sent lewd tweet|
|5 people you might not tip (but should)|
|Google stock sinks after missing Street|
|Toyota unveils redesigned Camry|