Hackers
who stole hundreds of thousands of card details from upscale retailer
Neiman Marcus set off more than 60,000 security alerts – but these were
all missed by security staff at the company, according to a report by Bloomberg Businessweek.
The report, citing an 157-page analysis by the firm’s
security team, also quoted security experts who said that the attack was
most likely not the work of the attackers who stole 40 million credit
card numbers from Target. Bloomberg’s report says that the Neiman Marcus
attackers wrote code to target that specific network, and their methods
were not related to those used in the Target Breach.
The malware used in the attack was “self-concealing”, according to PC Mag’s
report, but the attackers had to reinstall it in registers every day,
which set off hundreds of alarms. But while Neiman Marcus’s systems
flagged the behavior, it did not recognize the software itself as
malicious.
Hackers penetrated company systems on March 5 2013,
according to the report, and four months later began stealing from
stores around the country, according to the Atlanta Journal Constitution.
Speaking to Bloomberg Businessweek,
Ginger Reeder, a spokeswoman for the company, said that the hackers
gave their software a name near-identical to the company’s payment
software, so that alerts went unnoticed among the thousands the security
team faced daily, “These 60,000 entries, which occurred over a
three-and-a-half month period, would have been on average around 1% or
less of the daily entries on these endpoint protection logs, which have
tens of thousands of entries every day.”
Reeder said that while initial estimates suggested 1.1 million cards
might have been exposed in the breach, the real number was likely lower
than 350,000, of which 9,200 have since been used fraudulently.
The chain is offering all customers who shopped during the
period a year of free credit monitoring and identity theft protection.
No comments:
Post a Comment