Cloud Security, Supply chain

Snowflake breach fallout adds Neiman Marcus

An abstract design of a terminal display, warning about a cyber attack. Multiple rows of hexadecimal code are interrupted by red glowing warnings and single character exclamation marks. The image can represent a variety of threats in the digital world: data theft, data leak, security breach, intrusion, anti-virus failure, etc…

U.S. luxury retailer Neiman Marcus had data from 64,472 individuals compromised following the breach of its Snowflake account, according to The Record, a news site by cybersecurity firm Recorded Future.

Information exposed in the breach included individuals' names, birthdates, contact information, and Neiman Marcus and Bergdorf Goodman gift card numbers, said Neiman Marcus in filings with Maine and Vermont regulators, which did not detail any identity theft protection services for the affected individuals. Such data was being sold for $150,000 by the threat actor "Sp1d3r," who previously posted for sale data allegedly stolen from other entities impacted by the Snowflake hacking campaign, including Santander Bank, Ticketmaster, and Australian ticketing provider TEG. Neiman Marcus' disclosure comes after Advance Auto Parts, LendingTree, and the Los Angeles Unified School District, confirmed having their data compromised as a result of the Snowflake hack, which the data cloud storage provider attributed to its customers' inadequate security protections.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.