Alto Global Processing: Target Breach Widens, Neiman Marcus Also Admits to Attack by CardNotPresent.com

On Friday, Target disclosed that the security breach it originally said exposed the payment-card information of up to 40 million U.S. consumers, may end up affecting more than 70 million. The retailing giant acknowledged on Friday that, in the course of its investigation of the original breach, the company uncovered 70 million accounts where names, mailing addresses, phone numbers and emails were compromised. The company acknowledged that overlap between the two breaches—that is some customers whose credit-card numbers were stolen also had their names, emails and other information hacked as well—was “likely.”

And, this weekend, Dallas-based luxury department store Neiman Marcus also admitted it had been hacked during the holiday season. In a statement, the company said it had been informed by its processor in mid-December of “unauthorized payment card activity.” The retailer has not disclosed any guesses on the size of the breach and has enlisted both the U.S. Secret Service and a third-party forensics firm to investigate.

A Reuters report yesterday suggested three breaches that hit “well-known” but unnamed retailers earlier in the year were tests for hackers for the big holiday breaches. Sources told Reuters the techniques used in the smaller attacks were similar to the ones that hit Target and Neiman Marcus. The sources suspect the attacks were carried out by the same criminals but cannot be sure.