Fewer than 1.1 mln accounts exposed in Neiman breach: executive

WASHINGTON Tue Feb 4, 2014 11:21pm IST

A customer walks by the Neiman Marcus Last Call store in Golden, Colorado January 23, 2014. REUTERS/Rick Wilking

A customer walks by the Neiman Marcus Last Call store in Golden, Colorado January 23, 2014.

Credit: Reuters/Rick Wilking

Related Topics

Stocks

   

WASHINGTON (Reuters) - A recently revealed cybersecurity breach at Neiman Marcus potentially exposed 1.1 million accounts to malware, but the upscale U.S. retailer believes the actual number affected was less than that, its chief information officer said on Tuesday.

U.S. retail executives including the chief financial officer of Target Corp (TGT.N) appeared before the Senate Judiciary Committee to answer questions about data breaches that exposed payment card and personal information of millions of customers to hackers in the last several months.

Target Chief Financial Officer John Mulligan apologized for the massive cyber theft over the holiday shopping period. About 40 million credit and debit card records were stolen, along with 70 million other records with customer information such as addresses and telephone numbers.

"I want to say how deeply sorry we are for the impact this incident has had on our guests - your constituents," Mulligan said in prepared remarks.

The No. 3 U.S. retailer is working hard to earn back the trust of its customers and "moving as quickly as possible to share accurate and actionable information with the public," he said.

Michael Kingston, chief information officer of Neiman Marcus, told the panel that payment card information from transactions at 77 of the company's 85 stores might have been exposed to malware between July and October.

"The maximum number of account numbers in our stores at that time when they were exposed to the malware was 1.1 million accounts," he said. "But we do believe because the malware was only operating at certain times that the number is less than that."

Kingston said there was no indication that the data breach had compromised transactions on the company's website or at its restaurants, and personal identification numbers were not compromised.

Committee Chairman Patrick Leahy, a Vermont Democrat, told Mulligan and other executives that U.S. consumers deserved to know when their private information had been compromised and what businesses were doing in response to cyberattacks.

"Public confidence is crucial to our economy," Leahy said. "If consumers lose faith in business' ability to protect their personal information, our economic recovery will falter."

Leahy asked Mulligan whether Target had known its systems had been hacked before the U.S. Justice Department notified the retailer of the breach.

"Despite significant investment in multiple layers of detection that we had in our systems, we did not," Mulligan replied.

U.S. lawmakers are holding a series of hearings this week on aspects of the data breaches.

On Monday, a top Secret Service agent joined a chorus urging lawmakers to do more to prevent the types of crimes that have come to light recently. Congress has wrestled for years with proposals for legislation on data security but has been unable to reach an agreement.

"All businesses - and their customers - are facing increasingly sophisticated threats from cyber criminals," said Mulligan. "To prevent this from happening again, none of us can go it alone."

On Monday Target said it was speeding up a planned $100 million program to implement the use of chip-enabled smart cards to protect against cyber theft.

The cards contain tiny microprocessor chips that encrypt personal data shared with sales terminals used by merchants. Stolen smart-card numbers would be useless without the chip.

(Additional reporting by Peter Cooney; Writing by Jim Loney; Editing by Ros Krasny and Lisa Von Ahn)

FILED UNDER:
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

  • Most Popular
  • Most Shared

REUTERS SHOWCASE

Earnings Season

Earnings Season

Wipro sees rosier end to year as U.S. clients spend.  Full Article 

DLF Appeals

DLF Appeals

DLF seeks interim relief from capital market ban  Full Article 

Business Climate

Business Climate

Fears for tough penalties grow as India cleans up business  Full Article 

New Email Service

New Email Service

Google launches new email service dubbed "Inbox".  Full Article 

Falling Oil Prices

Falling Oil Prices

Indian consumers respond to softer oil, food prices  Full Article 

Pollution Levels

Pollution Levels

Delhi braces for worst air quality this Diwali week.  Full Article 

Book Keeping

Book Keeping

RBI fires warning shots on companies' lack of FX hedging.  Full Article 

Policy Repo Rate

Policy Repo Rate

Most external members suggested rate cut in RBI's Sept review.  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage