by

Neiman Marcus data breach hits 4.6 million — here’s what you need to do

Dallas-based department-store chain Neiman Marcus yesterday (Sept. 30) said that upward of 4.6 million customers who shopped on the Neiman Marcus website had their personal information, including credit-card numbers and account passwords, stolen in a data breach in May 2020, more than a year ago.

“The personal information for affected Neiman Marcus customers varied and may have included names and contact information; payment card numbers and expiration dates (without CVV numbers); Neiman Marcus virtual gift card numbers (without PINs); and usernames, passwords, and security questions and answers associated with Neiman Marcus online accounts,” said a Neiman Marcus press release. 

It’s not clear if and how Neiman Marcus encrypted customer passwords, as most companies do. Neiman Marcus said it was forcing customers who had not reset their passwords since May 2020 to do so now, but didn’t specify whether it was actively forcing customers to do so or just waiting until a customer tried to log in.

Read Full Story

Comment

Leave a Reply

Your email address will not be published.