Complaint filed against Neiman Marcus, slams breach response

Share this article:

A class-action complaint was filed against Neiman Marcus in the Eastern District of New York on Monday, just days after the major retailer announced that an undisclosed number of payment cards may have been stolen in a breach.

The complaint – which alleges that damages in the incident exceed $5 million – seeks equitable relief for all impacted individuals, but Melissa Frank is named as lead plaintiff because she alleges that fraudulent charges made on her debit card are a result of the incident.  

Affected consumers are likely to have swiped their cards at U.S. Neiman Marcus stores (including “Last Call” outlets) at some point between Dec. 15, 2013, and Jan. 1., according to the complaint.

“[Neiman Marcus] failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach,” according to the complaint, which adds that the retail giant only revealed a breach had transpired after technology journalist Brian Krebs broke the story on Jan. 10.

In a response to follow-up inquiries made on Wednesday by SCMagazine.com, Ginger Reeder, vice president of corporate communications with Neiman Marcus, said there is nothing more to report at this time.  

“We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our merchant processor, a leading investigations, intelligence and risk management firm, and a leading forensics firm to investigate the situation,” according to a Monday statement sent to SCMagazine.com by Reeder, in which Neiman Marcus confirmed an incident occurred.

About 40 million payment cards are among the heaps of data stolen in a recent attack on Target's point-of-sale machines, but even though the incidents are similar and are said to have occurred around the same time, there has been no confirmation that the thefts are connected.

On Sunday, Reuters reported similar attacks compromised three other “well-known U.S. retailers,” which have yet to come forward.

Share this article:

Sign up to our newsletters

More in News

Pentagon to triple its security workforce by 2016

Pentagon to triple its security workforce by 2016

Defense Secretary Chuck Hagel recently announced the recruitment efforts during a speech in Fort Meade, Md.

Tech manufacturer's online payment system breached

LaCie confirmed an unauthorized party used malware to access its online payment system for almost a year and could have stolen customer information.

The Heartbleed bug works, and could be a scapegoat for older breaches

The Heartbleed bug works, and could be a ...

Researchers proved the Heartbleed bug was real in a challenge issued by CloudFlare to prove private keys can be stolen, right around the time companies are claiming they were breached ...