[TheRecord] Neiman Marcus discloses data breach impacting 4.6 million customers

Luxury department store chain Neiman Marcus has disclosed a data breach on Thursday that has exposed the personal information of more than 4.6 million of its customers.

The Dallas-based company, which owns three fashion brands and operates 37 stores across major US cities, disclosed the incident in a message posted on its corporate website.

According to the company, the security breach took place last year, in May 2020, and the incident only recently came to light and is still being investigated with the help of law enforcement.

The company said that only customers of its Neiman Marcus online shop were impacted. The intrusion did not reach its Bergdorf Goodman or Horchow online shops.

Data stolen by the hacker varied from customer to customer, but the company said it included fields such as:

namescontact informationpayment card numbers (without CVV numbers)card expiration datesvirtual gift card numbers (without PINs)online account usernamesonline account passwordsonline account recovery questions & answers

“Approximately 4.6 million Neiman Marcus online customers are being notified of this issue,” the company said.

“For these customers, approximately 3.1 million payment and virtual gift cards were affected, more than 85% of which are expired or invalid,” it added.

Neiman Marcus has also set up a special website to provide additional details and guidance for affected customers.

This is the company’s second major data breach after hackers stole payment card details for 1.1 million customers back in 2013. In 2019, the company was fined $1.5 million for that incident.

The post Neiman Marcus discloses data breach impacting 4.6 million customers appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] US Gov Offering $10M Reward for Data on DarkSide Ransomware Operators

All posts, Security Week

The U.S. government wants to find the people responsible for the Colonial Pipeline ransomware attack and it’s putting up multi-million rewards for data on the operators behind the Darkside extortion campaign. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[ZDNet] Singapore must clamp down on security inertia before digital banking era can take off

All posts, ZDNet

With Singapore’s digital bank licensees expected to begin operations this year, a spate of online scams wiping victims of their life savings serves as yet another wakeup call and demonstrates regulations sometimes are the only way to shake organisations out of complacency. Source: Read More (Latest topics for ZDNet in Security)

Read More

[NCSC-FI News] Spotify stängs ned i Ryssland

Spotify har fattat beslut om att stänga ner sin ryska verksamhet – Det meddelar musikjätten i ett pressmeddelande. Source: Read More (NCSC-FI daily news followup)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.