The Dallas Morning News reported Neiman Marcus confirmed data had been compromised on 1.1 million credit and debit cards from July 16 to Oct. 30.
"During those months, approximately, 1.1 million customer payment cards could have been potentially visible to the malware. To date, MasterCard and Discover have notified us that approximately 2,400 unique customer payment cards used at Neiman Marcus and Last Call stores were subsequently used fraudulently," the retailer said in an online posting.
President and Chief Executive Officer Karen Katz apologized in the online note.
The retailer has also "taken steps to notify those affected customers to whom we have contact information," the posting says.
The company also said it is working on strengthening its protection against hackers.
"PINs were never at risk because we do not use PIN pads in our stores," the store said referring to personal identification numbers.
Social Security numbers were also not compromised, the store said.
"We deeply regret and are very sorry that some of our customers' payment cards were used fraudulently after making purchases at our stores. ... We aim to protect your personal and financial information. We want you always to feel confident shopping at Neiman Marcus, and your trust in us is our absolute priority," Katz said.