Breach Database / Neiman Marcus
Yes — Neiman Marcus was breached.
- 31.2 million accounts affected
- Breach occurred 2024-04-14 · neimanmarcus.com
- Verified entry in the Have I Been Pwned catalog
What happened
In May 2024, the American luxury retailer Neiman Marcus suffered a data breach which was later posted to a popular hacking forum. The data included 31M unique email addresses, names, phone numbers, dates of birth, physical addresses and partial credit card data (note: this is insufficient to make purchases). The breach was traced back to a series of attacks against the Snowflake cloud service which impacted 165 organisations worldwide.
What data was exposed
- Dates of birth
- Email addresses
- IP addresses
- Names
- Partial credit card data
- Phone numbers
- Physical addresses
- Purchases
What to do right now
- Watch your card and bank statements. Set up transaction alerts, and consider a card freeze or replacement if the exposure included full card numbers.
- Be alert for smishing and SIM-swap attempts. Treat unexpected texts and "carrier" calls with suspicion; add a PIN/port-freeze with your mobile carrier.
- Watch for targeted phishing mail. A leaked home address makes postal and doorstep scams more convincing.
- Expect convincing phishing emails. Attackers use breached details to write personalized emails. Be suspicious of any message referencing this service.
- Check your other accounts on Have I Been Pwned. Your email address may appear in other breaches you don't know about yet.
- Monitor the apps you use going forward. Clearly watches the breach record for the companies behind your apps and alerts you the moment one appears.
Breach data from Have I Been Pwned. Listing here means the service appears in the public breach record — not that your personal data was affected.