Neiman Marcus Group Victim of Series Cyberattacks

12702001462?profile=RESIZE_400xLuxury department store chain the Neiman Marcus Group[1] has become the latest victim in a series of cyberattacks targeting users of the Snowflake data warehousing platform. The breach affected nearly 65,000 shoppers and exposed sensitive personal information.

In a letter to affected customers, Neiman Marcus stated, "We are writing to notify you of an issue that involves certain of your personal information.  In May 2024, we learned that, between April and May 2024, an unauthorized third party gained access to a database platform used by Neiman Marcus Group."  The compromised data includes customers' names, contact information, dates of birth, and gift card numbers (without PINs).  The company has assured customers that their gift cards remain valid and can be redeemed.[2]

This incident is part of a larger cybersecurity campaign that has affected approximately 165 Snowflake customer accounts.  Other notable victims include Ticketmaster, Santander Bank, and the Los Angeles Unified School District.

Cybersecurity researchers commented on the breach saying, "The incident demonstrates that literally every company is a potential target for an attack.  Every organization that stores data in any shape or form must take measures to protect that data.  Retailers are likely an easier target, as they are not subject to strict security regulations (like defense or critical infrastructure organizations are) and often have a lower IT investment."  What went wrong is that the attacker got access to their Snowflake account credentials, probably as part of the recently discovered Snowflake attack campaign.  It is reported that the attack specifically targeted accounts lacking multi-factor authentication (MFA), which raises the question of why this is not enforced at Snowflake's end.

In response to the breach, Neiman Marcus has taken steps to contain the issue, including disabling access to the affected database platform and launching an investigation with the assistance of cybersecurity experts.  The company has also notified relevant law enforcement.

This is not the first time Neiman Marcus has faced a cybersecurity incident.  In May 2020, the retailer notified 4.6 million online customers of a separate breach that compromised usernames, passwords, security questions, and payment card details.  The recent string of Snowflake-related breaches highlights the importance of robust security measures, particularly multi-factor authentication, for all organizations handling sensitive data.  As cyber threats evolve, companies must remain vigilant and proactive in protecting their customers' information.

Neiman Marcus has advised affected customers to monitor their account statements and credit reports.  The company has also set up a dedicated hotline for customers seeking more information about the breach.


This article is presented at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  Our services can help detect cyber threats and vulnerabilities.     For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or    


Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings




E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!