Millions of Neiman Marcus customers hacked in data breach

Data Breach
(Image credit: Shutterstock)

Attackers have managed to exfiltrate personally identifiable information (PII) of about 4.6 million customers of popular American department store chain, Neiman Marcus (NM), the company has revealed.

NM has roped in the cybersecurity experts at Mandiant to examine the impact of the breach, which reportedly occurred last year in May 2020, according to initial investigations.

Even as the company is investigating the scope of the breach, it believes the attack wasn’t the same for all customers, with some losing more information than others.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

“The personal information for affected Neiman Marcus customers varied and may have included names and contact information; payment card numbers and expiration dates (without CVV numbers); Neiman Marcus virtual gift card numbers (without PINs); and usernames, passwords, and security questions and answers associated with Neiman Marcus online accounts,” shared NM in a note to customers.

Under investigation

NM has apprised law enforcement agencies of the incident, which it says was restricted to its customers only and doesn’t appear to have affected the other brands of its corporate owners, namely, Bergdorf Goodman and Horchow. 

While it hasn’t shared details about exactly when and how the breach was discovered, NM shares that once the incident came to light, the company initiated steps to “protect its customers.”

This included forcefully making users, who hadn’t changed the passwords of their NM account since May 2020, change their password.

The company has setup a dedicated call center and a website to field queries from their customers, and its CEO Geoffroy van Raemdonck has assured that the company “will continue to take actions to enhance our system security and safeguard information."

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.