Security News > 2024 > July > Neiman Marcus data breach: 31 million email addresses found exposed
![Neiman Marcus data breach: 31 million email addresses found exposed](/static/build/img/news/neiman-marcus-data-breach-31-million-email-addresses-found-exposed-medium.jpg)
A May 2024 data breach disclosed by American luxury retailer and department store chain Neiman Marcus last month has exposed more than 31 million customer email addresses, according to Have I Been Pwned founder Troy Hunt, who analyzed the stolen data.
In a separate incident notification published on its website, Neiman Marcus revealed that the data exposed in the attack included names, contact information, dates of birth, gift card info, transaction data, partial credit card and Social Security numbers, and employee identification numbers.
While analyzing the data stolen in the breach, Hunt found 30 million unique email addresses and told BleepingComputer that he also confirmed with multiple people whose data was in the stolen database that the information was legitimate.
In June, after it first disclosed the data breach, Neiman Marcus also linked the incident to the Snowflake data theft attacks in a statement to BleepingComputer.
The disclosure and the data breach notifications came after a threat actor using the "Sp1d3r" handle put Neiman Marcus' data up for sale on a hacking forum, asking $150,000 for 12 million gift card numbers, 70 million transactions with full customer details, and 6 billion rows of customer shopping records, store information, and employee data.
Neiman Marcus confirms data breach after Snowflake account hack.
News URL
Related news
- Formula 1 governing body discloses data breach after email hacks (source)
- Collection agency FBCS ups data breach tally to 3.2 million people (source)
- Frontier warns 750,000 of a data breach after extortion threats (source)
- Frontier warns 750,000 of a data breach after extortion threats (source)
- Christie's starts notifying clients of RansomHub data breach (source)
- 23andMe data breach under investigation in UK and Canada (source)
- Cylance confirms data breach linked to 'third-party' platform (source)
- Pure Storage confirms data breach after Snowflake account hack (source)
- Cylance clarifies data breach details, except where the data came from (source)
- Life360 says hacker tried to extort them after Tile data breach (source)