Violación de datos en Neiman Marcus expuso millones de direcciones de correo electrónico de usuarios.

It seems that the recent security breach at Neiman Marcus is much larger than what the company originally reported, potentially affecting millions of customers. In a notification submitted to the Office of the Maine Attorney General, the company acknowledged the breach but stated that only around 65,000 individuals were impacted.

Nevertheless, Troy Hunt, the founder of HaveIBeenPwned?, a service that alerts individuals to data breaches involving their email addresses, conducted an analysis of the compromised data. According to Hunt, the data breach exposed over 31 million customer email addresses, a significantly higher number than Neiman Marcus initially disclosed.

When asked to comment on the situation, Neiman Marcus referred back to its original statement, maintaining that only 65,000 individuals were affected. The stolen data was reportedly obtained from a compromised Snowflake database.

The unauthorized access incident involved an external cloud database platform utilized by Neiman Marcus, provided by a third-party, Snowflake. The company confirmed that the compromised data included customers' personal details such as names, contact information, birth dates, gift card information, transaction records, partial credit card details, Social Security Numbers, and employee IDs.

Last month, an entity known as Sp1d3r offered for sale on the dark web an archive containing sensitive information of Neiman Marcus customers, allegedly extracted from the compromised Snowflake database. The data included the last four digits of social security numbers, customer transactions, emails, shopping histories, employee data, and more.

In a public statement, Neiman Marcus disclosed the extent of the data breach and the types of information that were compromised, reassuring customers of their commitment to address the situation.