Security Affairs
Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Neiman Marcus discloses data breach, payment card data exposed

Luxury retail company Neiman Marcus Group has announced this week that it has suffered a data breach that impacted customer information. The attack against Neiman Marcus Group took place in May 2020, as a result of the attack, threat actors had access to customers’ information, including payment card data. Exposed personal information includes names and […]

Neiman Marcus Group

Luxury retail company Neiman Marcus Group has announced this week that it has suffered a data breach that impacted customer information.

The attack against Neiman Marcus Group took place in May 2020, as a result of the attack, threat actors had access to customers’ information, including payment card data.

Exposed personal information includes names and contact information, usernames, passwords, and answers to security questions associated with online accounts.

The security breach impacted 4.6 million online customers, 3.1 million payment and virtual gift cards were compromised, 85% of which were either expired or invalid.

The attackers had access to payment card numbers and expiration dates, while CVV numbers were not compromised. The company also added that virtual gift card numbers, PINs were not compromised too.

“The personal information for affected Neiman Marcus customers varied and may have included names and contact information; payment card numbers and expiration dates (without CVV numbers); virtual gift card numbers (without PINs); and usernames, passwords, and security questions and answers associated with Neiman Marcus online accounts. Approximately 4.6 million Neiman Marcus online customers are being notified of this issue.” states the data breach notification. “For these customers, approximately 3.1 million payment and virtual gift cards were affected, more than 85% of which are expired or invalid.”

According to the NMG, it has no evidence that Bergdorf Goodman or Horchow online customer accounts were affected.

The luxury retail company is already notifying the impacted customers, while the investigation is still ongoing.

In response to the security breach, NMG is requiring an online account password reset for affected customers who had not changed their password since May 2020.

“At Neiman Marcus Group, customers are our top priority,” said Geoffroy van Raemdonck, Chief Executive Officer. “We are working hard to support our customers and answer questions about their online accounts. We will continue to take actions to enhance our system security and safeguard information.”

In early 2014, Neiman Marcus disclosed another data breach, at the time attackers had access to its customers’ data, including payment information of those who visited its stores.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]