1.1 million customer credit card details stolen from US retailer


In January 2014, the retail company disclosed they had suffered a breach where hackers accessed the debit and credit card information of customers who shopped between 16th July to 30th October 2013. The breach occurred when malicious software was installed onto point of sales system that collected payment card data from customers who made purchases during those dates.

Originally, the company estimated that as many as 1.1 million cardholders could have been affected but further investigation found that it affected a maximum of 350,000 customers. About 9,200 of those stolen credit cards were used fraudulently. Only in-store customers were affected, not online transactions.

As a result of the breach, the company said it conducted a vulnerability assessment of its payment card systems, reviewed its intrusion detection systems and firewalls, further hardened its systems, added new security tools and modified its software and security credentials.

In March 2017, the company disclosed the details of the settlement related to this incident.

Book a consultation

Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:


  • Neiman Marcus

We've done the analysis so you can make the decisions

When purchasing a minimum of 5 Case Studies
$699.99 if buying less than 5.

  • Detailed cause & effect analysis
  • Lessons learnt catalogued
  • Preventive controls extracted
Add to Cart
Heads up! Want to try before you buy? You can download our FREE demo case study here