Neiman Marcus has notified 4.6 million customers of a security breach on September 30.
The breach, which occurred in May 2020, has only now been uncovered. Personal information linked with customers’ online accounts was obtained by an unauthorized party. The company has confirmed that it is working with a cybersecurity expert, Mandiant, to investigate, and has alerted law enforcement.
Information that was affected might have included contact information and names, as well as payment card numbers and expiration dates – not including the CCV. Virtual gift card numbers, usernames, passwords, security questions and answers have also been listed as possible areas of concern. More than three million payment and virtual gift cards were affected – of which 85 percent are expired or invalid.
Chief executive officer Geoffroy van Raemdonck said “customers are our top priority” and assured that Neiman Marcus is “working hard to support our customers and answer questions.”
After learning of the issue, Neiman Marcus implemented an online account password reset for affected customers. It has also set up a call center which will be available seven days a week. Currently, the company is unaware as to how other brands such as Bergdorf Goodman or Horchow have been impacted.
“We will continue to take actions to enhance our system security and safeguard information,” van Raemdonck said.