Neiman Marcus data breach hits 4.6 million — here's what you need to do

1. Habitation
2. News
3. Security

Neiman Marcus data breach hits 4.6 million — here's what you lot need to do

(Image credit: Helen89/Shutterstock)

Dallas-based department-store chain Neiman Marcus yesterday (Sept. xxx) said that up of iv.6 meg customers who shopped on the Neiman Marcus website had their personal information, including credit-card numbers and business relationship passwords, stolen in a information breach in May 2020, more than a twelvemonth ago.

"The personal information for afflicted Neiman Marcus customers varied and may have included names and contact information; payment card numbers and expiration dates (without CVV numbers); Neiman Marcus virtual gift carte numbers (without PINs); and usernames, passwords, and security questions and answers associated with Neiman Marcus online accounts," said a Neiman Marcus press release.

• What to practice after a data alienation
• The best identity theft protection services
• Plus: Your Apple tree Pay payments can exist stolen over the air — what to practise

It's not articulate if and how Neiman Marcus encrypted customer passwords, as nearly companies do. Neiman Marcus said it was forcing customers who had not reset their passwords since May 2020 to do and then now, but didn't specify whether it was actively forcing customers to do so or just waiting until a client tried to log in.

"Approximately 3.ane million payment and virtual gift cards were afflicted, more than 85% of which are expired or invalid," the company added. "No agile Neiman Marcus-branded credit cards were impacted. At this time, the Company has no evidence that Bergdorf Goodman or Horchow online customer accounts were affected."

Many companies encrypt client credit card numbers as well, sometimes leaving only the last four digits visible in plain text. Neiman Marcus did not say how the card numbers it stored were protected.

Customers known to be affected past this breach are being emailed by Neiman Marcus. The text of the email is on this data page the visitor has prepare up: https://www.neimanmarcus.com/editorial/security/online-accounts/.

If you get a Neiman Marcus email near the breach and its text doesn't match, then information technology may be a fake. Customers can also call (866) 571-9725 during most hours on weekdays and weekends — be sure to provide reference number B019206.

What you need to exercise about the Neiman Marcus data breach

If you shopped online at Neiman Marcus in May 2020 or before, the outset matter y'all need to do is to change your Neiman Marcus business relationship password. Don't wait for the company to brand you do it. Brand the new password long and strong, and even more importantly, don't reuse that password anywhere else.

If you did use the same username and password on other accounts, you'll demand to change the passwords on those accounts too, again making sure you don't use a new password more than once. Endeavour using one of the all-time password managers to keep track of them all.

Then check the by 18 months of transaction histories for whatever credit or debit cards you may have used at Neiman Marcus. If you see annihilation unusual or suspicious, tell your card issuer right away.

Neiman Marcus recommends running at least 1 of the free credit reports you can become at annualcreditreport.com.  That's something everyone should do, regardless of data-alienation impact, and as long as the COVID-19 pandemic lasts, you lot can become new costless credit reports every week.

All the same, the visitor is not offering any kind of gratis identity theft protection, as many other companies do in the wake of a information breach.

Yet not clear who hacked Neiman Marcus

The press release said Neiman Marcus hired cybersecurity-response firm Mandiant to look into the data breach. At this moment, the company doesn't know who hacked it, or why it took most a yr and a half for the data theft to come to light.

Neiman Marcus went through Affiliate 11 bankruptcy protection for several months in 2020, citing lack of sales during the height of the COVID-xix pandemic.

This isn't the offset time Neiman Marcus has been hit. In 2014, the company revealed that upward to i.1 million customer credit cards  had been swiped by malware that infected the company's retail-store payment systems.

• Read next: The best internet security suites

Paul Wagenseil is a senior editor at Tom'southward Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the data-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random Tv set news spots and even moderated a panel discussion at the CEDIA home-technology briefing. Yous can follow his rants on Twitter at @snd_wagenseil.

Source: https://www.tomsguide.com/news/neiman-marcus-online-data-breach

Posted by: hillhisheight1936.blogspot.com

Share this post