Back to Data breach

Data breach

Neiman Marcus agrees to $1.5 million settlement for 2013 data breach.

On January 8, 2019, Texas Attorney General Ken Paxton announced a $1.5 million settlement with The Neiman Marcus Group LLC, a luxury department store chain in the U.S., over a data breach that affected 65,644 customers in 2013.

What happened?

The breach exposed customer card data used at 77 Neiman Marcus stores nationwide. About 350,000 payment cards were accessed by unknown third parties unlawfully from July 16, 2013 to October 30, 2013, and at least 9,200 cards were used fraudulently. Neiman Marcus said that malware had been quietly placed in its systems to steal card data during the specified period.

Under the terms of the settlement, Neiman Marcus will maintain reasonable procedures to protect its customers’ personal information and prevent future attacks by hackers. Neiman Marcus is conducting a full review of all its payment card information systems, as well as a vulnerability assessment with the payment card brands, the company’s merchant processor, and a leading forensics firm. Besides that, Neiman Marcus is reviewing and reinforcing its intrusion detection systems, firewalls, and other security tools.

Don't want to make the news for the wrong reasons? Download ManageEngine Log360, the tool that can help combat internal and external security attacks.

How can ManageEngine help with situations like this?

Log360, our comprehensive SIEM solution, can help your organization:

  • Detect cross-site scripting (XSS) attacks, malicious file installation, DoS attacks, SQL injection, and more with its real-time correlation capability. The solution also notifies you instantly about attempted and successful attacks, and provides detailed investigation reports to prevent future attacks.
  • Spot potential intrusions or unauthorized network access attempts by comparing your network's log data with the data from the global IP threat database and Log360’s STIX/TAXII threat feed processors.
  • Detect potential insider threats with Log360’s user behavior analytics engine, which uses machine learning to create a baseline of normal activities that are specific to each user and notifies security personnel instantly when there's a deviation from this norm.
  • Monitor user activity within a database, account and permission changes in database servers, and more.

Get started with Log360.

log-management-real-time-active-directory-change-auditing

Share:

Latest DoS and DDoS attacks

Latest Brute force attack

Latest Crypto ransomware

Latest Advanced persistent threat (APT)

Compliance violation

Stay In The Know

Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.

Please enter a business email id
 

By clicking 'I’m interested', you agree to processing of personal data according to the Privacy Policy

+

Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
  •  
  •  
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.

© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.