Neiman Marcus on Thursday released several details about its Target-like credit card hacking incident, including these key points:
- Hackers had access to their systems from July 16 to Oct. 30.
- A malicious program attempted to “scrape” payment card information during that time frame
- Between those two dates, about 1.1 million cards were swiped by consumers, potentially exposing those accounts to hackers
- Mastercard, Visa, and Discover told Neiman Marcus that 2,400 of those cards have been used fraudulently so far
- Consumers who shopped at the store last year will be offered free credit monitoring
While it might seem like good news that only a tiny fraction of the exposed accounts have been hit with fraud, I wouldn’t be so sure. That fraud rate is probably no higher than normal, a finding that I released several weeks ago when I teamed up with BillGuard to examine this very issue. This could mean several things: Perhaps banks are surgically stopping all fraud before it starts. Perhaps criminals only bothered to take a few of the credit card numbers they had access to. I think a more likely explanation is that the criminals haven’t really even started exploiting their stolen data yet. They are sitting on it, waiting for all this attention to die down, and won’t even bother trying to initiate fraudulent transactions for months — or longer. So now is no time to let down your guard. Watch those credit card bills.
Subscribe to Bob Sullivan’s newsletter
Be the first to comment