Complaint filed against Neiman Marcus, slams breach response

Share this article:

A class-action complaint was filed against Neiman Marcus in the Eastern District of New York on Monday, just days after the major retailer announced that an undisclosed number of payment cards may have been stolen in a breach.

The complaint – which alleges that damages in the incident exceed $5 million – seeks equitable relief for all impacted individuals, but Melissa Frank is named as lead plaintiff because she alleges that fraudulent charges made on her debit card are a result of the incident.  

Affected consumers are likely to have swiped their cards at U.S. Neiman Marcus stores (including “Last Call” outlets) at some point between Dec. 15, 2013, and Jan. 1., according to the complaint.

“[Neiman Marcus] failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach,” according to the complaint, which adds that the retail giant only revealed a breach had transpired after technology journalist Brian Krebs broke the story on Jan. 10.

In a response to follow-up inquiries made on Wednesday by SCMagazine.com, Ginger Reeder, vice president of corporate communications with Neiman Marcus, said there is nothing more to report at this time.  

“We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our merchant processor, a leading investigations, intelligence and risk management firm, and a leading forensics firm to investigate the situation,” according to a Monday statement sent to SCMagazine.com by Reeder, in which Neiman Marcus confirmed an incident occurred.

About 40 million payment cards are among the heaps of data stolen in a recent attack on Target's point-of-sale machines, but even though the incidents are similar and are said to have occurred around the same time, there has been no confirmation that the thefts are connected.

On Sunday, Reuters reported similar attacks compromised three other “well-known U.S. retailers,” which have yet to come forward.

Share this article:

Sign up to our newsletters

More in News

Details emerge about PlugX/Kaba RAT in Pacific Rim

FireEye researchers took a closer look at the malware and provided details in a blog post last week.

Michaels class-action suit tossed after plaintiffs can't show damage

A judge ruled that plaintiffs couldn't show monetary damage in suit filed after a breach exposed data on 2.6 million of the retailer's customers.

New backdoor 'Baccamun' spreads through ActiveX exploit

Symantec researchers revealed that the backdoor is dropped after attackers exploit a Windows ActiveX vulnerability.