Neiman Marcus attackers set off 60,000 alerts – but went unnoticed

Hackers who stole hundreds of thousands of card details from upscale retailer Neiman Marcus set off more than 60,000 security alerts – but these were all missed by security staff at the company, according to a report by Bloomberg Businessweek.

The report, citing an 157-page analysis by the firm’s security team, also quoted security experts who said that the attack was most likely not the work of the attackers who stole 40 million credit card numbers from Target. Bloomberg’s report says that the Neiman Marcus attackers wrote code to target that specific network, and their methods were not related to those used in the Target Breach.

The malware used in the attack was “self-concealing”, according to PC Mag’s report, but the attackers had to reinstall it in registers every day, which set off hundreds of alarms. But while Neiman Marcus’s systems flagged the behavior, it did not recognize the software itself as malicious.

Hackers penetrated company systems on March 5 2013, according to the report, and four months later began stealing from stores around the country, according to the Atlanta Journal Constitution.

Speaking to Bloomberg Businessweek, Ginger Reeder, a spokeswoman for the company, said that the hackers gave their software a name near-identical to the company’s payment software, so that alerts went unnoticed among the thousands the security team faced daily, “These 60,000 entries, which occurred over a three-and-a-half month period, would have been on average around 1% or less of the daily entries on these endpoint protection logs, which have tens of thousands of entries every day.”

Reeder said that while initial estimates suggested 1.1 million cards might have been exposed in the breach, the real number was likely lower than 350,000, of which 9,200 have since been used fraudulently.

The chain is offering all customers who shopped during the period a year of free credit monitoring and identity theft protection.

Expert advice from ESET security researcher Lysa Myers on how to defend against card fraud if you fear you may have used your card in stores affected by breaches can be found here.

The breaches have led card issuers and banks to call for a replacement for the “hugely insecure” magnetic-stripe systems used by many U.S. banks, as reported by We Live Security here.

Author Rob Waugh, We Live Security

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
23 Feb 2014
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.