The attack on Neiman Marcus point-of-sale systems dates back to July 2013 and the threat was not completely mitigated until Sunday, unnamed people briefed on the retailer's investigation told the New York Times in a Thursday report.
Neiman Marcus has yet to officially announce details of the incident, including when it initially began, but according to a statement released earlier on Thursday by Neiman Marcus CEO Karen Katz, unauthorized card activity was linked to customer purchases in the retailer's stores.
Katz announced that one free year of credit monitoring services would be offered to any customer who shopped in a Neiman Marcus store in the past year, leading to speculation that the attack may have begun well before it was officially announced on Monday.
