Neiman Marcus has confirmed that its data was pilfered as part of the Snowflake attacks. The company also claims that only 64 thousand plus people were affected, while Troy Hunt at Have I Been Pwned is putting the number close to 32 million.
A May 2024 data breach disclosed by American luxury retailer and department store chain Neiman Marcus last month has exposed more than 31 million customer email addresses, according to Have I Been Pwned founder Troy Hunt, who analyzed the stolen data.
In a separate incident notification published on its website, Neiman Marcus revealed that the data exposed in the attack included names, contact information (e.g., email and postal addresses, and phone numbers), dates of birth, gift card info, transaction data, partial credit card (without expiration dates or CVVs) and Social Security numbers, and employee identification numbers.
While analyzing the data stolen in the breach, Hunt found 30 million unique email addresses and told BleepingComputer that he also confirmed with multiple people whose data was in the stolen database that the information was legitimate.
“That’s obviously a substantial number and I do want to get notifications out to them promptly. The total unique number of addresses I’ll be referring to is 31,152,842,” Hunt told BleepingComputer.
When BleepingComputer contacted a Neiman Marcus spokesperson to confirm Hunt’s findings, they declined to comment. Instead, they pointed us to the data security notification published on the company’s website and said that the 64,472 people mentioned in the Maine filing are those who have received data breach notifications.
Data stolen in Snowflake data theft attack

The disclosure and the data breach notifications came after a threat actor using the “Sp1d3r” handle put Neiman Marcus’ data up for sale on a hacking forum, asking $150,000 for 12 million gift card numbers, 70 million transactions with full customer details, and 6 billion rows of customer shopping records, store information, and employee data.
A joint investigation by Snowflake, Mandiant, and CrowdStrike revealed that a financially motivated threat actor tracked as UNC5537 used stolen customer credentials to target at least 165 organizations that failed to configure multi-factor authentication (MFA) protection on their Snowflake accounts.
Recent breaches linked to these attacks, which started in May 2024, include Ticketmaster, Santander, Pure Storage, QuoteWizard/LendingTree, Advance Auto Parts, and Los Angeles Unified.
These are some of the important paragraphs from the article. If you want to read it in full, see "Neiman Marcus data breach: 31 million email addresses found exposed".
This is just another one as part of the Snowflake fiasco, which is going to get worse before it gets better.