Security News Neiman Marcus data breach: 31 million email addresses found exposed

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,104
A May 2024 data breach disclosed by American luxury retailer and department store chain Neiman Marcus last month has exposed more than 31 million customer email addresses, according to Have I Been Pwned founder Troy Hunt, who analyzed the stolen data.

Hunt's findings come after the company filed a breach notification with the Office of the Maine Attorney General, stating that the breach only impacted 64,472 people.

In a separate incident notification published on its website, Neiman Marcus revealed that the data exposed in the attack included names, contact information (e.g., email and postal addresses, and phone numbers), dates of birth, gift card info, transaction data, partial credit card (without expiration dates or CVVs) and Social Security numbers, and employee identification numbers.

While analyzing the data stolen in the breach, Hunt found 30 million unique email addresses and told BleepingComputer that he also confirmed with multiple people whose data was in the stolen database that the information was legitimate.

"That's obviously a substantial number and I do want to get notifications out to them promptly. The total unique number of addresses I'll be referring to is 31,152,842," Hunt told BleepingComputer.

He said that roughly 105,000 Have I Been Pwned subscribers found in the data set will receive an email informing them of this massive data breach.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top