US retailers Target and Neiman Marcus were not the only firms whose networks were hacked over the year-end holiday shopping season in 2013.
A 13 January Reuters report said at least three other American retailers suffered data breaches during the crucial sales period, but the news agency gave no further details other than that retailers affected operated stores within malls.
The suspected architects of the crime could be the same as those who stole data from Target. US law enforcement sources have said they suspected that the ring leaders were from Eastern Europe.
The Secret Service and US Department of Justice, which are investigating the Target data theft, refused to comment.
Target said last week that the data breach was worse than initially thought. Investigations revealed that hackers extracted personal information, such as telephone numbers and email addresses, from some 70 million customers.
The unnamed sources whom Reuters interviewed said the hackers used a RAM scraper, or memory-parsing software, to siphon off data. A RAM scraper captures encrypted data when it travels through the live memory of a computer, where it appears in plain text.
However, Target has not made public the details as to how the attackers gained access to such massive amounts of data.
Neiman Marcus revealed earlier in the month that it too had been victim of a cyber attack.
Need for Better Security
The Target credit card breach highlighted the security shortcomings of existing digital cards and added support for the adoption of more robust anti-fraud technology.
The security lapse would reiterate the need among businesses and merchants to adopt computer chips in credit and debit cards to store information, rather than relying on magnetic strips that are vulnerable to hacking and data misuse.
JPMorgan Lends Support
On 22 December, JPMorgan said it had left more than a third of its US bank branches open for business in the run-up to Christmas to help customers affected by the data breach at discount retailer Target.
Many branches were open in the eastern US and in California, with a priority on those in close proximity to major shopping centres.
Earlier, JPM informed two million customers who used Chase brand debit cards at Target stores in the US that they would have to cope with lower cash withdrawal and spending limits.
Target said on 19 December that data from about 40 million credit and debit card accounts could have been stolen during the Thanksgiving weekend, confirming media reports that said federal authorities were investigating a suspected data breach at America's second-largest discount retailer.
Purchases made at Target's US stores between 27 November and 15 December "may have been impacted", Target said in a statement.