Neiman Marcus Data Breach Exposes 64k Customer Records
Neiman Marcus Group (NMG) recently discovered unauthorized access to their cloud database platform provided by Snowflake.
Ashish Khaitan June 26th, 2024
Share on LinkedInShare on Twitter
Neiman Marcus has issued a notification to its customers regarding a massive data breach that occurred in May 2024, potentially exposing sensitive personal information.
The Neiman Marcus data breach, affecting approximately 64,472 customers, involved unauthorized access to a cloud database platform used by the luxury retailer, which is operated by Snowflake, a third-party provider.
In a conversation with The Cyber Express, a Neiman Marcus spokesperson confirmed the breach, stating, “Neiman Marcus Group (NMG) recently learned that an unauthorized party gained access to a cloud database platform used by NMG that is provided by a third party, Snowflake.”
Prompt action was taken, with the spokesperson adding, “Promptly after discovering the incident, NMG took steps to contain it, including by disabling access to the platform.”
Neiman Marcus Data Breach Confirmed
The Neiman Marcus data breach compromised a range of personal data, including customer names, contact details, dates of birth, and Neiman Marcus gift card numbers.
“Based on our investigation, the unauthorized party obtained certain personal information stored in the platform,” the spokesperson continued, clarifying that “The types of personal information affected varied by individual, and included information such as name, contact information, date of birth, and Neiman Marcus or Bergdorf Goodman gift card numbers (but without gift card PINs).”
Neiman Marcus has acted swiftly, launching an investigation with leading cybersecurity experts and notifying law enforcement authorities. In compliance with regulatory requirements, the company has begun notifying affected customers, including reaching out to the Maine Attorney General’s office.
The retailer has advised customers to monitor their financial statements for any suspicious activity and has provided resources for individuals concerned about identity theft.
Mitigation Against the Neiman Marcus Data Leak
“We also began an investigation with assistance from leading cybersecurity experts and notified law enforcement authorities,” the spokesperson emphasized. Customers are encouraged to request free credit reports, report any suspected fraud to law enforcement and the Federal Trade Commission, and consider placing a security freeze on their credit files as precautionary measures.
Neiman Marcus Group, Inc., based in Dallas, Texas, is a popular luxury retailer that oversees brands such as Neiman Marcus, Bergdorf Goodman, Horchow, and Last Call. Since September 2021, it has been under the ownership of a consortium of investment firms led by Davidson Kempner Capital Management, Sixth Street Partners, and Pacific Investment Management.
Following this Neiman Marcus data leak, the firm has established a dedicated toll-free hotline (1-885-889-2743) for affected customers seeking further information or assistance related to the data breach incident.