Complaint filed against Neiman Marcus, slams breach response

Share this article:

A class-action complaint was filed against Neiman Marcus in the Eastern District of New York on Monday, just days after the major retailer announced that an undisclosed number of payment cards may have been stolen in a breach.

The complaint – which alleges that damages in the incident exceed $5 million – seeks equitable relief for all impacted individuals, but Melissa Frank is named as lead plaintiff because she alleges that fraudulent charges made on her debit card are a result of the incident.  

Affected consumers are likely to have swiped their cards at U.S. Neiman Marcus stores (including “Last Call” outlets) at some point between Dec. 15, 2013, and Jan. 1., according to the complaint.

“[Neiman Marcus] failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach,” according to the complaint, which adds that the retail giant only revealed a breach had transpired after technology journalist Brian Krebs broke the story on Jan. 10.

In a response to follow-up inquiries made on Wednesday by SCMagazine.com, Ginger Reeder, vice president of corporate communications with Neiman Marcus, said there is nothing more to report at this time.  

“We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our merchant processor, a leading investigations, intelligence and risk management firm, and a leading forensics firm to investigate the situation,” according to a Monday statement sent to SCMagazine.com by Reeder, in which Neiman Marcus confirmed an incident occurred.

About 40 million payment cards are among the heaps of data stolen in a recent attack on Target's point-of-sale machines, but even though the incidents are similar and are said to have occurred around the same time, there has been no confirmation that the thefts are connected.

On Sunday, Reuters reported similar attacks compromised three other “well-known U.S. retailers,” which have yet to come forward.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.

PCI publishes guidance on security awareness programs

PCI publishes guidance on security awareness programs

The guidance, developed by a PCI Special Interest Group, will help merchants educate staff on protecting cardholder data.