Dallas-based retailer Neiman Marcus Group said it recently learned that an unauthorized party obtained personal information associated with customers’ online accounts in May.
NMG said it notified law enforcement of the issue and is working with Mandiant, a cybersecurity firm, to investigate and it is notifying approximately 4.6 million Neiman Marcus online customers of the breach.
The company said that the personal information involved may have included names and contact information; payment card numbers and expiration dates; Neiman Marcus virtual gift card numbers; and usernames, passwords, and security questions and answers associated with Neiman Marcus online accounts.
The company also suffered a breach in 2013, which ended up costing it a $1.5 million settlement with 43 state attorneys general in 2019.
Neiman Marcus Settles Data Breach Claims With States for $1.5 Million
In this latest breach, approximately 3.1 million payment and virtual gift cards were affected, more than 85% of which the company said are expired or invalid. No active Neiman Marcus-branded credit cards were impacted. At this time, the company has no evidence that any accounts with company affiliates Bergdorf Goodman or Horchow have been affected.
Under terms of the 2019 settlement, Neiman Marcus agreed to maintain reasonable procedures to protect customers’ personal data and obtain an information security assessment and report from a third-party professional.
Related:
- Cyber Criminals Target Remote Workers and ‘Critical Infrastructure to Corner Stores’
- Credit Card Breach Update: Neiman Marcus Investigated; Target Sued by Bank
Topics Cyber
Was this article valuable?
Here are more articles you may enjoy.
Progressive Q2 Net Income Skyrockets Over 320% 
Damage From Hurricane Beryl May Cost Insurers $2.7B in US, $510M in Caribbean: KCC 
Elon Musk Beats $500 Million Severance Lawsuit by Fired Twitter Workers 
Allstate Seeking 34% Rate Hike on California Homeowners Insurance 
