Remember how Neiman Marcus revealed that hackers accessed credit card info for brick-and-mortar store customers? Turns out, during the eight-month period when hackers were snooping around the company's system, they set off nearly 60,000 security alerts. That seems like a lot of pop-ups to casually dismiss.
BloombergBusinessweek says the internal company investigation into the hacking attack reveals that the card-stealing software hackers used was automatically deleted from the point-of-sale payment register system at the end of each day, sometimes triggering hundreds of alerts in the process. After four months of lurking, hackers were able to steal credit card data undetected from July through October of 2013.
So how did all these alerts go unheeded? Well, for a system this size, 60,000 alerts over a period of months only adds up to about one percent of daily log entries, Neiman Marcus spokeswoman Ginger Reeder told Businessweek. What's more, Reeder says the hackers gave their malicious software a name nearly identical to the official payment software, making it tough to distinguish suspicious activity from false positives, the report states.
Perhaps even more perplexing: Neiman Marcus's system could have been set to automatically block the malware as soon as it detected anomalous activity—but that feature was turned off because it was hampering legitimate maintenance programs.
The end result? Hackers took over a vulnerable server in the company's point-of-sale system, evaded the other security measures in place, and after four months of scraping, made off with around 350,000 customer cards, 9,200 of which have since been used fraudulently.
Oh, and one more thing: internet security expert Aviv Raff told BloombergBusinessweek the Neiman Marcus hackers used a strikingly different method than the Target hack that was discovered around the same time. So now the authorities are on the hunt for two different hacking crews.