Even as security analysts are wading through the issues with the Target breach, new information is emerging about Neiman Marcus’ woes. According to the New York Times, hackers infiltrated the luxury retailing giant’s computer network as far back as July.
Neiman Marcus last week disclosed hackers may have stolen credit and debit card numbers of its customers. The retailer has made it clear that it deeply regrets and is very sorry that “some of our customers' payment cards were used fraudulently after making purchases at our stores” and assures the public it has taken steps to notify affected customers if it has their contact information.
“As best we know today, Social Security numbers and birth dates were not compromised,” Karen Katz, president and CEO of Neiman Marcus Group, wrote in a blog post Thursday. “Customers that shopped online do not appear to have been impacted by the criminal cyber-security intrusion. Your PIN was never at risk because we do not use PIN pads in our stores.”
Neiman Marcus Still Investigating
Katz went on to say that the retailer has taken and is continuing to take a “number of steps” to contain the situation and to help prevent an unlawful intrusion like this from happening again. By that she means the company is working with federal law enforcement, disabling the malware it has found, enhancing its security tools, and assessing and reinforcing its related payment card systems in light of this new threat.
“In mid-December, we were informed of potentially unauthorized payment card activity that occurred following purchases at our stores. We quickly began our investigation and hired a forensic investigator,” Katz said. “Our forensic investigator discovered evidence on January 1 that a criminal cyber-security intrusion had occurred. The forensic and criminal investigations continue.”
Katz said customers that are concerned about fraudulent activity can take several steps, including checking their payment card statements and contacting their local stores or the company’s credit card division to see if fraudulent activity appears on their Neiman Marcus cards.
Extremely Costly Breaches
We caught up with Maxim Weinstein, a security advisor at Sophos, to get his take on the fallout. He told us the loss of sensitive customer data like credit card numbers can be extremely costly for businesses as Neiman Marcus and others are experiencing.
“The average cost of a data breach in 2012 was $188 per record in the U.S., including the cost of fines, legal damages and loss of business. A recent study by the Ponemon Institute found that 51 percent of small and mid-sized businesses experienced data loss in the past year,” he said.
“Sophos recommends businesses of all sizes have a comprehensive data loss prevention plan in place. Likewise, consumers worried about fraud should check for suspicious activity,” he added.
Posted: 2014-04-27 @ 11:25pm PT
The recent Neiman Marcus data compromise appears to reveal a desperate state of affairs under Karen Katz CEO.
The following are very serious matters :
Despite EEOC laws in America the company has not actively addressed the following:
Customers and employees are said to "act like Jews" .
Asian Americans are said to look "extra Asian " by its own Management.
Entire Departments may have no Latino employees for years despite having qualified applicants.
The company's HR department apparently attempts to conceal this by hiring low level janitorial positions. This may be used to skirt equal opportunity..
Management has called gay male employees "F**s" .
" Fire him he has HIV" was stated by a different Department Manger
That employee working in the N.M. Café would prepare food without gloves. He used unwashed hands and cut fingers.
The company has a questionable food safety record . It y not have followed food safety laws and perhaps does still not.
A Neiman Marcus employee bled in prepared food through an open wrist bone wound.. When asked by The United States Government to respond, the company stated they are not applicable under the law. OSHA in Washington D.C was notified . The company never directly answered as to why it did not adequately protect its customers. The company shifted the blame to Liberty Mutual Insurance who had at that point not been aware.
In another recent publicized case Neiman Marcus was implicated in forging fake documents to smear an African American ex employee . This pattern of discrimination is very disturbing . Another abusive tactic Neiman Marcus utilizes is to have suspected African American's shoplifting cases moved to different judges courts. . This according to company Management allows an increase in the time they spend in jail . The company reportedly pays the Court to honor its request to switch judges it deems as not sympathetic to Neiman Marcus. The United States Department of Justice has been made aware of this.
Additional concerns include that the company has failed to pay wages properly and is known for retaliatory issues (Neimanmarcuslawsuit.com)
It now has another pending class action lawsuit for the da
The company claimed that one of it's former manager's is a "pedophile". Interestingly they gave him a positive reference to work at Chuckie Cheese Pizza (Owned by Apollo Management). This despite the fact it is a business aimed at children where a danger may be present.
Ms. Katz should seriously consider resigning as it is questionable as to her stewardship of Neiman Marcus
Sources - DOL, OSHA, U.S Dept. of Justice complaint., EEOC records