Neiman Marcus Group announced on Thursday that an unauthorized party has gained access to approximately 4.6 million customer accounts.
In May 2020, a third party obtained the personal information of certain Neiman Marcus customers. The data includes:
- names and contact information
- payment card numbers and expiration dates
- Neiman Marcus virtual gift card numbers and usernames
- security questions and answers associated with Neiman Marcus online accounts
The unauthorized party, however, didn’t manage to get CVV numbers and PINs.
According to the official statement, around 3.1 million payment and virtual gift cards were impacted. Fortunately, most of them were either invalid or expired. Neiman Marcus-branded credit cards were also not affected.
It is, however, still unclear whether Bergdorf Goodman or Horchow user accounts have been breached.
Resolving the Issue
The company announced that it’s working with Mandiant, a leading cybersecurity expert, to resolve the issue. It has also notified law enforcement.
“We are working hard to support our customers and answer questions about their online accounts. We will continue to take actions to enhance our system security and safeguard information,” said Chief Executive Officer Geoffroy van Raemdonck.
Furthermore, NMG is urging the affected customers to reset their passwords, in case they haven’t changed them since the time of the attack.
The company also has a call center which users can contact from Monday to Sunday. In addition, it has set up a webpage with more information on the topic.