Neiman Marcus, an American chain of luxury department stores headquartered in Dallas, Texas, revealed on Thursday, Sept. 30, that it had alerted its online customers about the data breach.
The Neiman Marcus Group said that it informed its 4.6 million customers about the breach and told them that their personal information such as their names, contact details, credit card numbers, gift card numbers, usernames, and passwords might have been illegally accessed by a hacker or third party.
As per Reuters, the luxury department store company said it also reported the incident to law enforcement as well. It seems that the discovery was a little late, as the breach was said to have taken place in May 2020.
Around 3.1 million payment and virtual gift cards were said to have been affected, and more than 85% of these were either invalid or have expired already. Neiman Marcus clarified that its subsidiaries Horchow and Bergdorf Goodman are not affected as there is no evidence for this.
“At Neiman Marcus Group, customers are our top priority,” Neiman Marcus’ chief executive officer, Geoffroy van Raemdonck, said in a press release that confirmed unauthorized access to customers’ online accounts. “We are working hard to support our customers and answer questions about their online accounts. We will continue to take actions to enhance our system security and safeguard information.”
Currently, Neiman Marcus is closely working with Mandiant, an American cybersecurity company based in Virginia. Along with the law enforcement, they are investigating the situation, CNN Business reported.
Neiman Marcus is the latest major company to report a hacking case, although it reportedly happened last year. Last May, the Colonial Pipeline that supplies gas to millions of people was forcibly shut down for almost a week due to a ransomware attack.
This was followed by another cyberattack just days later, where JBS food manufacturing company was the victim. Lastly, in June, it was reported that Volkswagen and McDonald’s were also attacked by hackers.
Meanwhile, there is no update yet about the data breach involving Neiman Marcus. It is also not certain yet who is responsible for this incident. Customers are also advised to change their passwords immediately, especially those who have not changed theirs since May of last year.