On June 24, 2024, Neiman Marcus Group LLC filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access a database platform used by Neiman Marcus to store sensitive information. In this notice, Neiman Marcus explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, contact information, dates of birth, Neiman Marcus or Bergdorf Goodman gift card numbers, partial credit card numbers, employee identification numbers and the last four numbers of Social Security numbers. Upon completing its investigation, Neiman Marcus began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from Neiman Marcus Group LLC, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Neiman Marcus data breach. For more information, please see our recent piece on the topic here.

What Caused the Neiman Marcus Data Breach?

The Neiman Marcus data breach was only recently announced, and more information is expected in the near future. However, Neiman Marcus’s filing with the Attorney General of Maine provides some important information on what led up to the breach. According to this source, in May 2024, Neiman Marcus learned that an unauthorized party was able to access a database platform that the company used to store sensitive information. Evidently, the period of unauthorized access was between April 2024 and May 2024.

Upon learning about the incident, Neiman Marcus secured its systems, disabled the affected platform, and launched an investigation with the help of third-party cybersecurity experts. Neiman Marcus also notified law enforcement.

After learning that sensitive consumer data was accessible to an unauthorized party, Neiman Marcus reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, contact information, date of birth, and Neiman Marcus or Bergdorf Goodman gift card number, partial credit card number, employee identification number and the last four numbers of your Social Security number.

However, subsequently, the owner of “Have I Been Pwned,” recently reviewed the stolen data, noting that it appeared to include 31 million customer email addresses as well. However, Neiman Marcus’ filing with the Attorney General of Maine only listed an estimated 64,472 victims.

On June 24, 2024, Neiman Marcus sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About Neiman Marcus Group LLC

Founded in 1907, Neiman Marcus Group LLC is a chain of department stores based in Dallas, Texas. Neiman Marcus operates 36 department stores in the United States as well as two Bergdorf Goodman stores in Manhattan. Neiman Marcus employs more than 10,000 people and generates approximately $5 billion in annual revenue.