Neiman Marcus Data Breach  – Class Action Investigation

Chimicles Schwartz Kriner & Donaldson-Smith LLP is investigating a data breach reported by Neiman Marcus on September 30, 2021. The company said in a news release that it is notifying 4.6 million customers that information associated with their online accounts may have been obtained by a third party in May 2020. The breached information includes:

  • Names, addresses, contact information
  • Usernames and passwords of Neiman Marcus online accounts
  • Payment card numbers and expiration dates (although no CVV numbers)
  • Neiman Marcus virtual gift card numbers (without PINs)
  • Security questions of Neiman Marcus online accounts

According to the company’s statement, “[a]pproximately 4.6 million Neiman Marcus online customers are being notified of this issue. For these customers, approximately 3.1 million payment and virtual gift cards were affected.” The company’s statement is accessible at https://www.neimanmarcusgroup.com/2021-09-30-Neiman-Marcus-Confirms-Unauthorized-Access-to-Customer-Online-Accounts.

Shortly after becoming aware of the incident, Neiman Marcus began prompting customers to reset their passwords before they could log in to their online accounts: “To protect our customers, we required an online account password reset for affected customers who had not changed their password since May 2020.” Neiman Marcus also instructed customers to monitor their payment card accounts for unauthorized transactions but, at this time, does not appear to be providing free credit monitoring services to impacted consumers—a courtesy that has increasingly become the norm for most organizations hit by breaches concerning consumer personal identification information and/or payment information.

This sensitive information is valuable to criminals who place stolen payment card data for sale on the dark web, which other criminals purchase in order to perpetrate identity theft and other frauds. Criminals can also use this stolen information to create counterfeit cards to purchase high-priced items from other retailers.

If you have ever maintained an online account with Neiman Marcus and/or used a debit or credit card at one of Neiman Marcus’ many locations across the U.S., and think your personal financial information was compromised by this recent data breach, please contact the lawyers listed on this page.

(*) Indicates required field: When communicating with us through this site or otherwise in connection with a matter for which we do not already represent you, your communication may not be treated as privileged or confidential, and does not create an attorney-client relationship between you and our Firm.

Attorneys for this case:

Benjamin F. Johns
Mark B. DeSanto
Samantha E. Holbrook