[ISN] Neiman Marcus Hackers Set Off Nearly 60K Alarms

http://www.pcmag.com/article2/0,2817,2453873,00.asp BY STEPHANIE MLOT PC MAG FEBRUARY 23, 2014 A month after Neiman Marcus revealed a hack of customer credit and debit cards, Bloomberg Businessweek said the attackers set off the retailer’s security system about 60,000 times during their strike. Between July and October 2013, hackers quietly collected card data via “sophisticated, self-concealing” malware installed on Neiman’s system, the company said in January. But the exploit took about eight months, Bloomberg said; the hackers were forced to reload their software daily, as it was automatically deleted from the retailer’s registers each day. That process also meant that the hackers often tripped hundreds of alarms, which were not detected by Neiman Marcus. A Neiman Marcus spokeswoman declined to comment, pointing PCMag to the Bloomberg story, which quoted her as saying that the hackers were smart enough to give their malware a title almost identical to the company’s payment software, ensuring that alerts would not be picked out of the crowd. “These 60,000 entries, which occurred over a three-and-a-half month period, would have been on average around 1 percent or less of the daily entries on these endpoint protection logs, which have tens of thousands of entries every day,” the company said. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail