And the good news keeps rolling in - first Target, now Neiman Marcus
A two-fer.
First, from
Yahoo/AFP:
Target says data breach up to 110 mn customers
Giant US retailer Target said Friday that up to 110 million customers have had their personal data stolen in a data breach, sharply raising its initial estimate.
The number of people affected represented one in three Americans, and the scope of the information stolen was much broader than originally thought, Target admitted.
Target initially reported on December 19 that payment card data of some 40 million customers had been obtained by hackers during the year-end holiday shopping season.
The stolen information included credit and debit card data, customer names and PIN (personal identification data) numbers.
Second - from
Brian Krebs:
Hackers Steal Card Data from Neiman Marcus
Responding to inquiries about a possible data breach involving customer credit and debit card information, upscale retailer Neiman Marcus acknowledged today that it is working with the U.S. Secret Service to investigate a hacker break-in that has exposed an unknown number of customer cards.
Earlier this week, I began hearing from sources in the financial industry about an increasing number of fraudulent credit and debit card charges that were being traced to cards that had been very recently used at brick-and-mortar stores run by the Dallas, Texas based high-end retail chain. Sources said that while it appears the fraud on those stolen cards was perpetrated at a variety of other stores, the common point of purchase among the compromised cards was Neiman Marcus.
Today, I reached out to Neiman Marcus and received confirmation that the company is in fact investigating a breach that was uncovered in mid-December.
No numbers announced as yet. Yikes!
Here is a Wikipedia article on
Security breach notification laws in the USA and here is a
state by state listing of what the laws are (PDF).
Posted by DaveH at January 10, 2014 9:09 PM