The security breach that hit Target Corp. during the crucial holiday season seemed to be part of a broader scam that affected several retailers, according to a report published by a global cyber intelligence firm that works with the U.S. Secret Service and the Department of Homeland Security.
The report, released Thursday by iSight Partners of Dallas, offers more insight into the breach at Target, which affected 40 million credit and debit card accounts and stole the personal information of as many as 100 million customers.
The report confirms that a malicious software that infiltrated the point of sale system at the registers was "almost certainly derived" from BlackPOS, a crude but effective software product.
Last week, Neiman Marcus said it was hit by a security breach over the holidays.
Neiman Marcus said customers' Social Security numbers and birthdates to its knowledge were not stolen in a security breach that happened over the holiday season.
The update, posted on its website Thursday, comes nearly a week after the Dallas-based luxury retailer said that thieves stole some of its customers' payment information and made unauthorized charges.
Neiman Marcus had said it was notified in mid-December by its credit card processor about potentially unauthorized payment activity and on Jan. 1, a forensics firm confirmed that it was a victim of a cybersecurity intrusion. Neiman Marcus has not said how many customers have been affected.