Why is it that they took 17 months to notify us of the data breakin?
Thanks Everyone. That answers my question.
Here is one reason the company has given: https://threatpost.com/neiman-marcus-customers-breach/175284/
In 2013 there was another breach which NM reported as worse than previously reported: https://www.nytimes.com/2014/01/24/business/neiman-marcus-breach-affected-1-1-million-cards.html
In 2018 after a very long legal battle and throwing the consumer under the bus, U.S. District Judge Sharon Johnson Coleman of Chicago rejected a proposed $1.6 million settlement of the case. https://www.reuters.com/article/us-otc-neimanmarcus-classaction/surprise-twist-in-landmark-neiman-marcus-data-breach-case-judge-dissolves-settlement-class-idUSKCN1LY312
In a nutshell, NM was in bankruptcy fighting for its very existence. THEY DIDN'T CARE about consumers nor their responsibility to safeguarding the information they gather about them, their purchases, etc.
SA
Why is it that they took 17 months to notify us of the data breakin?
they? meaning Neiman Marcus?
Neiman Marcus Group is alerting millions of customers that their online accounts may have been breached.
DALLAS, Sept. 30, 2021 /PRNewswire/ -- Neiman Marcus Group ("NMG" or the "Company") recently learned that an unauthorized party obtained personal information associated with certain Neiman Marcus customers' online accounts. NMG notified law enforcement of the issue, which occurred in May 2020, and is working closely with Mandiant, a leading cybersecurity expert, to investigate.
The company said in a news release Thursday that it is notifying 4.6 million customers that information associated with their online accounts may have been obtained by a third party in May 2020.
Shortly after becoming aware of the incident, Neiman Marcus began prompting customers to reset their passwords before they could log in to their online accounts. "Our investigation is ongoing, and we are working quickly to determine the nature and scope of the matter. To protect our customers, we required an online account password reset for affected customers who had not changed their password since May 2020." Consumers should also change their passwords for accounts on other websites where they had used a similar or same password as the one for their Neiman Marcus account.
Neiman Marcus has set up a dedicated webpage accessible from within the US that instructs customers to keep an eye out for unauthorized transactions.
In September 2021, we learned that in May 2020 an unauthorized party obtained personal information associated with certain of our customers’ online accounts.
https://www.neimanmarcus.com/editorial/security/online-accounts/