

Hackers steal card data from Neiman Marcus - panarky
http://krebsonsecurity.com/2014/01/hackers-steal-card-data-from-neiman-marcus/

======
nikcub
Notice the pattern to all of these - the hacks are only discovered _after_ the
cards have already been charged and the card companies piece together where
the possible source could have been by looking at common purchases.

That is the state of security at the moment, not only is it easy to hack into
sites, but it is easy to cover you tracks and not be discovered.

Vendors have resorted to trawling the carding forums and buying up dumps to
figure out who has been hacked.

I can't remember the industry ever being so imbalanced towards the black hats.

~~~
magic_haze
Is there any reason why these stores need to store the full magnetic stipe
details of the card in the first place?

~~~
MartinCron
I would expect the credit card companies would require that they _not_ store
the entire card swipe data (or the PIN for that matter).

~~~
magic_haze
That is what I thought as well, but details on the Target hack suggests they
managed to get hold of the cards' entire track data (I'm on my phone so can't
link to the article directly, but it's on the same website as OP's link) I'm
guessing NM has the same data policy.

~~~
ForHackernews
I thought the theory was that the target hack was targeted at POS card-
readers, not recovering numbers after the fact from a database.

~~~
cynwoody
It was.

But in order to pull it off on the scale they did, the bad guys must have
broken into Target's corporate network. Apparently, the level of access they
achieved allowed them to raid the marketing database as well as to hack large
numbers of POS terminals to leak the card swipe data.

The marketing database, BTW, contained name and contact information, but not
credit card details. The bad guys might find it useful for phishing attacks.

------
interstitial
All these revelations are timed too perfectly. It is obviously a crypto-
currency conspiracy to drive credit card transactions out of the comfort zone
of mainstream Americans, and subtly migrate the shell-shocked populace into
accepting the underworld's own spawn -- a hoarded and cracked crypto-currency.
Well, it would be if I ever finish my sci-fi distopian short story on it.

------
NN88
...this is getting ridiculous.

