Published on: July 2, 2024
Neiman Marcus, a luxury apparel store based in Texas, recently faced a data breach that exposed 64,472 customers.
The leaked information varies by individual but includes full names, email addresses, phone numbers, and Neiman Marcus or Bergdorf Goodman gift card numbers. Each gift card should still be valid since user PIN codes are safe.
On a hacker forum, a user named Sp1d3r took credit for the attack and hinted at Neiman Marcus refusing to give in to the $150,000 ransom demands. Sp1d3r claims that the data for sale includes more than is being reported. According to them, the last four digits of customers’ social security numbers, 70-plus million transaction details, and over six billion rows of shopping records, employee data, and store data were stolen.
“Neiman Marcus not interested in paying to secure customer data,” the hacker said. “We give them the opportunity to pay and they decline. Now we sell. Enjoy!”
The post has been removed from the forum.
“In May 2024, we learned that, between April and May 2024, an unauthorized third party gained access to a database platform used by Neiman Marcus Group,” the company said in data breach report filed with the Office of the Maine Attorney General. “Based on our investigation, the unauthorized third party obtained certain personal information stored in the database platform, Promptly after learning of the issue, we took steps to contain it, including disabling access to the relevant database platform.”
Affected customers should immediately change their passwords and keep an eye out for official updates from Neiman Marcus. They should also stay on high alert for scammers, who may try to use data they purchase from hacker forums to create complex social engineering schemes. Be wary of email attachments, offers from a stranger, and all other online scams.