In a statement provided to Krebs, the company said, "Neiman Marcus was informed by our credit card processor in mid-December of potentially unauthorized payment card activity that occurred following customer purchases at our Neiman Marcus Group stores. We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading investigations, intelligence and risk management firm, and a leading forensics firm to investigate the situation."
The forensics firm determined on January 1, 2014 that the company had been hit by a cyber attack that compromised some customers' credit card data. Still, Neiman Marcus spokesperson Ginger Reeder told Krebs the company hasn't yet determined the cause, size or duration of the breach.
And according to Reuters, Neiman Marcus and Target weren't the only large retailers hit recently -- at least three other leading U.S. retailers were also attacked over the holidays, likely via memory parsing malware, which Visa had issued a warning [PDF] about in August of 2013.