High-end boutique retailer Neiman Marcus confirmed up to 1.1 million credit cards were affected during a security data breach that was disclosed over the 2013 holiday shopping season. Starting in mid-July to late October last year, malware collected credit card and debit card information, with 2,400 cards reportedly used for fraudulent purchases.
Customer Social Security numbers, debit card PIN numbers and birth dates weren't disclosed, and online shoppers haven't been affected.
"The malware the thieves deployed is more sophisticated and an unusual and a new way of gathering data," said David Robertson, The Nilson Report publisher, when speaking with the media. "In the history of the fight between hackers and retailers and anyone who holds payment data, the attack has occurred at the data center. That's where the largest number of accounts are. That's where the attack occurred because that's the biggest payoff."
Retailers already must deal with a number of different online threats, but malware and security risks facing brick and mortar retailers is a newer issue.