Neiman Marcus experiences cyberattack
Neiman Marcus Group (NMG), the American chain of luxury department stores, disclosed that it faced a data breach that affected around 4.6 million customers. The breach occurred after an unauthorized group got access to the personal information of the organization’s customers from their online accounts. To rectify the issue, Neiman Marcus has appointed Mandiant to help in the investigation and is also working with law enforcement agencies.
The personal information impacted includes names, addresses, contact information, usernames and passwords of Neiman Marcus online accounts, payment card numbers, and expiration and Security questions of Neiman Marcus online accounts
According to the company, around 3.1 million payment and virtual gift cards were affected, but 85% of these were expired or invalid. They claimed that no active credit cards were impacted. There is no evidence that online accounts at Bergdorf Goodman or Horchow were also a victim.
This incident dates back to a year ago but NMG claimed that it became aware of the breach last month.
It is also not known if the user accounts stored by the company were in plaintext or were appropriately hashed and salted, which is being recommended by industry experts for a long time now.
After becoming aware of the incident, the retail giant began encouraging customers to reset their passwords. They stated that their investigation is underway to identify the nature and scope of the attack. In an effort to protect their customers, they needed an online account password reset. Customers were also prompted to change their passwords for accounts on other platforms where they had a similar password as that of their Neiman Marcus account.
Moreover, the group has created a dedicated webpage that directs customers to watch out for unauthorized transactions. The impacted party can also ask for a copy of their credit report without any charge. At this time, Neiman Marcus does not seem to provide free credit monitoring services to their customers, where this is a norm for most organizations that face breaches.
Neiman Marcus CEO Geoffroy van Raemdonck claimed that their customers are their topmost priority. They are working hard to support their customers and respond to their queries. Moreover, they will work to enhance their system security along with safeguarding the information.