High-end department store Neiman Marcus on Monday disclosed a data breach, shortly before a hacker offered to sell information belonging to millions of the company’s customers, reports SecurityWeek. The company told the Maine Attorney General’s Office that the breach has impacted more than 64,000 individuals. Shortly after Neiman Marcus disclosed the breach, a hacker who uses the online moniker "Sp1d3r" announced on a cybercrime forum the sale of a Neiman Marcus database. The hacker suggested that they demanded a ransom from the retailer, but the company refused to pay up.
The breach was confirmed to be related to the recent cyber attack on cloud storage company Snowflake, which reportedly hit at least 165 organizations in addition to Neiman Marcus, including Ticketmaster, Santander Bank, Anheuser-Busch, Allstate, Advance Auto Parts, Mitsubishi, Progressive, and State Farm. Hackers did not compromise Snowflake systems. Instead, they leveraged Snowflake customer credentials harvested by infostealer malware to access accounts storing vast amounts of information.
Neiman Marcus has started informing customers that a database platform storing personal information was compromised between April 2024 and May 2024. The data breach was detected in May. An investigation showed that the hacker had gained access to information such as name, contact data, date of birth, and Neiman Marcus or Bergdorf Goodman gift card number. The retailer said gift card PINs were not exposed.
Total Retail's Take: Retailers' data is vulnerable through third-party technology providers. The recent Snowflake attack that compromised dozens of other companies' information is only the latest in a string of similar incidents, which presents an issue of concern for all organizations working with third-party vendors.
"Organizations must ensure they address third-party risk management, enhance access controls for users and data connections, continually work to protect data, prepare for incidents, promote cyber hygiene, and continuously improve security measures," said James McQuiggan, security awareness advocate at KnowBe4. "All of these go hand-in-hand with building the layers of defense to protect the trust of stakeholders and customers." Consumer trust in retailers' ability to safely and securely store their private information is certainly at risk.
It's reported that the Snowflake attack specifically targeted accounts lacking multifactor authentication (MFA), which "raises the question why this isn't enforced at Snowflake's end," commented Gunnar Braun of Synopsys Software Integrity Group. "For Neiman Marcus, and all other Snowflake customers, it comes down to protecting their credentials, like every one of us should do for their PayPal, Gmail, and any other accounts: strong passwords (or better passkeys), MFA, network allow lists." The incident demonstrates that every company that stores data is a potential target for an attack, and all organizations must take measures to protect that information.
Kristina Stidham is the digital content director at Total Retail and sister brands Women in Retail Leadership Circle and Women Leading Travel & Hospitality at NAPCO Media. She is passionate about digital media and handles video, podcast and virtual event production for all brands. You can often find her at WIRLC, TR, WLT&H or industry events with her camera and podcasting equipment—or at home on Zoom—recording interviews with thought leaders and business executives.