Neiman Marcus data breach impacts 4.6 million customers.

 (credit: Jordan Nix)

Neiman Marcus Group (NMG), an American luxury store, recently announced a serious data breach affecting nearly 4.6 million consumers. After "an unauthorized entity" stole personal information from select Neiman Marcus customers' online accounts, the breach occurred sometime in May 2020. Neiman Marcus is cooperating with law enforcement agencies and has enlisted the help of cybersecurity firm Mandiant.

Credit card and gift card numbers exposed

Yesterday, Neiman Marcus disclosed that its 2020 data breach impacted about 4.6 million customers with Neiman Marcus online accounts. The personal information of these customers was potentially compromised during the incident. The bits of information include:

• Names, addresses, contact information
• usernames and passwords of Neiman Marcus online accounts
• Payment card numbers and expiration dates (although no CVV numbers)
• Neiman Marcus virtual gift card numbers (without PINs)
• Security questions of Neiman Marcus online accounts

For the millions of customers being notified about the incident, "approximately 3.1 million payment and virtual gift cards were affected, more than 85% of which are expired or invalid," said the company in a statement released Thursday. No active Neiman Marcus-branded credit cards were impacted. As of now, there's also no indication that online customer accounts at Bergdorf Goodman or Horchow were impacted.