Fewer than 1.1 mln accounts exposed in Neiman breach: executive

WASHINGTON Tue Feb 4, 2014 11:21pm IST

A customer walks by the Neiman Marcus Last Call store in Golden, Colorado January 23, 2014. REUTERS/Rick Wilking

A customer walks by the Neiman Marcus Last Call store in Golden, Colorado January 23, 2014.

Credit: Reuters/Rick Wilking

Related Topics

Stocks

   

WASHINGTON (Reuters) - A recently revealed cybersecurity breach at Neiman Marcus potentially exposed 1.1 million accounts to malware, but the upscale U.S. retailer believes the actual number affected was less than that, its chief information officer said on Tuesday.

U.S. retail executives including the chief financial officer of Target Corp (TGT.N) appeared before the Senate Judiciary Committee to answer questions about data breaches that exposed payment card and personal information of millions of customers to hackers in the last several months.

Target Chief Financial Officer John Mulligan apologized for the massive cyber theft over the holiday shopping period. About 40 million credit and debit card records were stolen, along with 70 million other records with customer information such as addresses and telephone numbers.

"I want to say how deeply sorry we are for the impact this incident has had on our guests - your constituents," Mulligan said in prepared remarks.

The No. 3 U.S. retailer is working hard to earn back the trust of its customers and "moving as quickly as possible to share accurate and actionable information with the public," he said.

Michael Kingston, chief information officer of Neiman Marcus, told the panel that payment card information from transactions at 77 of the company's 85 stores might have been exposed to malware between July and October.

"The maximum number of account numbers in our stores at that time when they were exposed to the malware was 1.1 million accounts," he said. "But we do believe because the malware was only operating at certain times that the number is less than that."

Kingston said there was no indication that the data breach had compromised transactions on the company's website or at its restaurants, and personal identification numbers were not compromised.

Committee Chairman Patrick Leahy, a Vermont Democrat, told Mulligan and other executives that U.S. consumers deserved to know when their private information had been compromised and what businesses were doing in response to cyberattacks.

"Public confidence is crucial to our economy," Leahy said. "If consumers lose faith in business' ability to protect their personal information, our economic recovery will falter."

Leahy asked Mulligan whether Target had known its systems had been hacked before the U.S. Justice Department notified the retailer of the breach.

"Despite significant investment in multiple layers of detection that we had in our systems, we did not," Mulligan replied.

U.S. lawmakers are holding a series of hearings this week on aspects of the data breaches.

On Monday, a top Secret Service agent joined a chorus urging lawmakers to do more to prevent the types of crimes that have come to light recently. Congress has wrestled for years with proposals for legislation on data security but has been unable to reach an agreement.

"All businesses - and their customers - are facing increasingly sophisticated threats from cyber criminals," said Mulligan. "To prevent this from happening again, none of us can go it alone."

On Monday Target said it was speeding up a planned $100 million program to implement the use of chip-enabled smart cards to protect against cyber theft.

The cards contain tiny microprocessor chips that encrypt personal data shared with sales terminals used by merchants. Stolen smart-card numbers would be useless without the chip.

(Additional reporting by Peter Cooney; Writing by Jim Loney; Editing by Ros Krasny and Lisa Von Ahn)

FILED UNDER:

Surprise Rate Cut

Reuters Showcase

Insurance Bill

Insurance Bill

Opposition support bolsters prospects for insurance reforms  Full Article 

SBI Share Sale

SBI Share Sale

SBI's up to $2.4 billion share sale likely by end April - sources   Full Article 

Eicher Share Sale

Eicher Share Sale

Truck maker Volvo sells shares in Eicher Motors  Full Article 

Beef Ban

Beef Ban

After beef ban, Hindu groups force abattoirs to close   Full Article 

Monsoon Season

Monsoon Season

Exclusive - India expects better monsoon rains this year  Full Article 

Services Growth

Services Growth

Services growth at eight-month high in Feb - HSBC PMI  Full Article 

'India's Daughter'

'India's Daughter'

Documentary on 2012 Delhi gang rape banned in India  Full Article 

Capex Slashed

Capex Slashed

Cairn India slashes 2015-16 capex on falling crude   Full Article 

Strong Start

Strong Start

Airwaves auction off to strong start, bids near $10 billion.  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device  Full Coverage