Major Data Breach Hits Neiman Marcus


The owner of two chains of American luxury department stores has warned 4.6 million Neiman Marcus customers that their personal data may have been exposed in a security incident that happened 17 months ago. 

Neiman Marcus Group, which owns the Neiman Marcus and Bergdorf Goodman department stores, as well as the high-end home goods line Horchow, said the incident may have exposed information including names, contact details, and payment card information.

In a statement released Thursday, the Group said it had “recently learned that an unauthorized party obtained personal information associated with certain Neiman Marcus customers’ online accounts.” 

Law enforcement has been notified of the breach, and the Group is working with cybersecurity company Mandiant to determine what took place and how it happened. 

While the investigation into the incident is ongoing, the Group said that the date of the breach has been narrowed to May 2020. 

It has been determined that the unauthorized attacker may have accessed usernames, passwords, and security questions and answers linked to Neiman Marcus online accounts.

The Group, which is headquartered in Dallas, Texas, said that approximately 3.1 million payment cards and virtual gift cards were affected by the security incident. However, the company said that only 15% of the impacted cards were valid or unexpired. 

“No active Neiman Marcus-branded credit cards were impacted,” stated the company.

No evidence has been found to suggest that Bergdorf Goodman or Horchow online customer accounts were affected by the breach.

Since learning of the incident, the Group has required an online account password reset for affected customers who had not changed their password since May 2020.

“At Neiman Marcus Group, customers are our top priority,” said Geoffroy van Raemdonck, chief executive officer of the Neiman Marcus Group. 

“We are working hard to support our customers and answer questions about their online accounts. We will continue to take actions to enhance our system security and safeguard information.”

A dedicated call center, which is open seven days a week, has been set up by the Group to help customers who are concerned about the safety of their personal information.

Products You May Like

Articles You May Like

‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins
Indiana County Files Disaster Declaration Following Ransomware Attack
Hackers Downloaded Call Logs from Cloud Platform in AT&T Breach
Should ransomware payments be banned? – Week in security with Tony Anscombe
AT&T Confirms Data Breach Affecting Nearly All Wireless Customers

Leave a Reply

Your email address will not be published. Required fields are marked *