June 25, 2024 at 05:01AM
Luxury retailer Neiman Marcus recently experienced a data breach compromising millions of customers’ personal information. The breach, detected in May 2024, exposed data such as names, contact details, and birthdates, affecting over 64,000 individuals. A hacker, ‘Sp1d3r’, offered to sell a database containing information from 180 million users, triggering concerns about cybersecurity and potential connections to recent Snowflake-related attacks. Neiman Marcus has a history of breaches, including in 2013, 2015, and 2020.
Based on the meeting notes, here are the key takeaways:
Neiman Marcus disclosed a data breach affecting their customers’ personal information, including names, contact data, date of birth, and gift card numbers. The breach occurred between April and May 2024, with more than 64,000 individuals impacted. A hacker, known as ‘Sp1d3r’, offered to sell a database allegedly containing information on 180 million users, including email addresses and partial Social Security numbers.
The breach has raised questions about potential connections to recent Snowflake-related attacks, which targeted numerous organizations, including Ticketmaster, Santander Bank, and others, by leveraging customer credentials harvested by infostealer malware. Neiman Marcus has experienced previous data breaches, including incidents in 2013, 2015, and 2020.
SecurityWeek has contacted Neiman Marcus for further details, and the company’s response may provide additional information on this breach.