HQ/EMEAFind out how we can help your business
Neiman Marcus, a luxury product retailer, admitted it suffered a data breach incident after hackers tried to sell its database. Based on reports, the attackers acquired the database that could allegedly impact nearly 65,000 people before the Snowflake data breach campaigns emerged.
The initial investigation stated that the company identified the attack last month after an unauthorised third party gained access to a database platform used by Neiman Marcus Group. Moreover, the unauthorised individuals obtained personal information as it was included in the database platform.
The compromised personal information impacted by the attack could include names, contact information, dates of birth, and Neiman Marcus or Bergdorf Goodman gift card numbers. However, the stolen gift card numbers did not include PINs.
In addition, the report assured the company immediately isolated the database platform to prevent further compromise, investigated with the aid of security providers and notified law enforcement agencies.
The Neiman Marcus data breach could have ties with the Snowflake data theft operations.
Data breach notifications arrived for every recipient after a malicious entity called “Sp1d3r” included the Neiman Marcus database in their offered products on a hacker site for $150,000. The ties to the Snowflake data theft campaigns became more apparent since this threat actor is responsible for selling data to several firms that were breached during the recent campaigns.
On the other hand, Sp1d3r did not specify Snowflake in the post, but they included “Raped Flake,” which refers to a modified tool of the same name that the threat actors designed to steal data from the database platform.
According to the threat actor’s post on the hacking forum, the stolen database includes the information given by Neiman Marcus on the notification letters, the last four digits of social security numbers, customer transactions, emails, shopping records, staff data, and millions of gift card numbers.
The threat actor alleges that prior to the forum posting, it attempted to extort Neiman Marcus but refused to comply with the extortion demand. However, after the threat actor posted the stolen database on the forum, it immediately removed it, along with the data sample, implying that the affected company may have started a negotiation with the attackers.
