For those still following the Neiman Marcus breach, apparently this one was a sophisticated piece of malware. It was embedded sometime in 2013, but was skimming data from July to October, affecting only in store retail customers. Any of the credit card numbers that were skimmed were encrypted before leaving the Neiman Marcus network. This is quite an interesting story that Wall Street Journal posted.
Neiman was warned by credit-card companies it might have a problem as early as mid-December and contacted federal law enforcement officials before Christmas, but didn’t report the problem to its customers until Jan. 10, after security blogger Brian Krebs pressed the company for details.
I found the blurb interesting is that I had my credit card number stolen, and immediately Chase knew it was a fraudulent charge. I am not sure if behind the scenes Visa told Chase of a past purchase and to watch out. Or was it the fact that I used my card during the day and there was a charge on the same day in Georgia.
According to the article, fortunately, no PINs were stolen because they do not have PIN pads.