Every week a company is in the news for some sort of data breach or security exploit, where customer information, sometimes including credit card numbers, are stolen in the process. This week leaves no exception as popular retailer Neiman Marcus' credit-card payment system was under attack for the better half of last year.
The hackers who accessed the database were able to get into the system more than 60,000 times over 8 months, digging through the files and installing software to steal credit card numbers. In a 157 page report on the matter, the analysis concludes that on some days, hundreds of alerts were set off while the hackers were in the system. Each day, their installed software that would steal the numbers was deleted, forcing the group to reinstall the package every night. While the crew was in the network for 8 months, card data was stolen from July to October.
The report also says that this attack does not appear to be affiliated with the Target breach that led to the theft of over 40 million credit card numbers.
The code style and the modus operandi look totally different. The attackers were using a specific code for a specific network, and the way they were writing their code doesn't seem to be related to the way that the attackers on the Target breach were.
How did the rogue software go undetected for so long? A spokeswoman for Neiman Marcus says that the hackers gave their software a name that looked almost identical to the retailer's existing payment system. When its security team scanned through alerts and logs, they simply passed over the issues in the sea of data that they looked at. Reports of activity identified the software as "suspicious behavior" over 59,000 times, but Neiman Marcus' security system did not automatically quarantine or remove the malicious program.
Ginger Reeder, the spokeswoman for Neiman Marcus, said,
These 60,000 entries, which occurred over a three-and-a-half month period, would have been on average around 1 percent or less of the daily entries on these endpoint protection logs, which have tens of thousands of entries every day.
It was estimated that 1.1 million cards were compromised in the attack, however after further investigation, Neiman Marcus is reporting that only 350,000 credit cards were taken from the clothier. 9,200 have been used since the breach.
In the past year we've had over a dozen infamous security and data breaches across retail, gaming and other spaces, so it definitely raises a cause for concern over your information and how it's being safely secured. What should retailers do differently to ensure this doesn't happen? What are you doing to protect yourself? We want to know in the comments below.