Neiman Marcus Details

    Organization Logo

    Neiman Marcus

    Dallas, Texas13500 employees • Retail

    https://www.neimanmarcus.com/

    Industry

    Retail

    Security Incidents

    1

    Neiman Marcus is a luxury department store chain headquartered in the United States. It was founded in 1907 by Herbert Marcus, Sr., his sister Carrie Marcus Neiman, and her husband A.L. Neiman, in Dallas, Texas. The company is renowned for its high-end fashion, carrying prestigious designer brands, and offering personalized services tailored to wealthy clientele. Over the years, Neiman Marcus has become a name synonymous with luxury retail, particularly known for its annual Christmas Book, which features extravagant fantasy gifts.

    Throughout its history, Neiman Marcus has expanded its footpri...
    Show more

    Security Incidents

    Neiman Marcus Breach of Jun 2024
    Severity Score
    Moderate

    Type

    Unknown

    Summary

    Neiman Marcus experienced a significant data breach impacting over 64,000 individuals, traced back to their data storage provider, Snowflake. The breached information included names, contact details, dates of birth, and gift card numbers from Neiman Marcus and Bergdorf Goodman. The breach was exploited by a hacker known as Sp1d3r, who listed the stolen data for $150,000 on a cybercriminal forum before the post was removed. Neiman Marcus promptly contained the breach, disabled access to the affected platform, launched an investigation with cybersecurity experts, and informed law enforcement. Sn...
    Show more

    Severity

    The Neiman Marcus data breach, tied to the recent Snowflake data theft attacks, affected 64,472 individuals, exposing personal information, including names, contact details, dates of birth, and gift card numbers (excluding PINs). The breach, enabled by a sophisticated custom tool referred to as "Raped Flake," compromised sensitive customer and employee data, and was further complicated by a failed extortion attempt by the threat actor, "Sp1d3r." Given the significant number of individuals impacted, the complexity and sophistication of the attack, and the potential for misuse of exposed data, t...
    Show more

    Impact

    The Neiman Marcus data breach was a significant incident involving unauthorized access to the company's Snowflake database. The breach, which occurred between April and May 2024, impacted 64,472 individuals, exposing various types of personal information, including names, contact details, dates of birth, and gift card numbers without PINs. While no systems were taken offline, and gift cards remain valid without the compromised PINs, the breach did not spare internal data; customer transactions, emails, shopping records, and employee data were among the compromised information. This incident un...
    Show more

    Other incidents caused by this Neiman Marcus incident

    9 / 10
    AT&T

    KEEP YOUR ENVIRONMENT SECURE

    Weak credentials are the leading cause of breaches. Beyond Identity can help.

    See MFA exploits in action
    Watch how adversaries exploit companies in quick videos