Neiman Marcus has agreed to pay $1.6 million to settle a data breach class action in Illinois federal court.
The three-year-old case stemmed from the December 2013 cyber attack that exposed credit card data of an estimated 350,000 Neiman Marcus shoppers.
The high-profile incident, caused by malware installed on Neiman Marcus terminals, was similar to a larger attack on Target and other retailers in 2013 and 2014. The Dallas-based retailer disclosed the breach in January 2014. Credit and debit card issuers have replaced millions of cards in the U.S. with new EMV chip cards and retailers have installed new readers at the checkout. The new system is believed to make it harder for thieves to steal customer data while people shop in stores.
But customer data breaches continue online. The personal information of tens of thousands of customers of Saks Fifth Avenue has been publicly available in plain text online, BuzzFeed News reported this morning. The owner of Saks, Hudson’s Bay, confirmed the incident and said “We want to reassure our customers that no credit, payment, or password information was ever exposed. The security of our customers is of utmost priority and we are moving quickly and aggressively to resolve the situation, which is limited to a low single-digit percentage of email addresses. We have resolved any issue related to customer phone numbers, which was an even smaller percent.”
In the Neiman Marcus case, the settlement class is made up of U.S. residents who held a credit card or debit card account that was used in any Neiman Marcus store at any time from July 16, 2013 to January 10, 2014. There are 640,000 settlement class members, according to court documents. Notices will be going out to potential members of the class soon.
“The plaintiffs haven’t shown that they suffered any unreimbursed fraudulent charges on their payment cards,” according to court documents.
The case, filed in March 2014, dragged on, more recently in mediation. In February, U.S. District Court Judge Samuel Der-Yeghiayan said it was clogging his docket with extension requests and there was no progress in the settlement talks. He terminated the case last month. In recent weeks, the parties got together and asked him to reopen it, then quickly settled.
In 2014, the Illinois district court dismissed the case, but then it was appealed by the plaintiffs and the Seventh Circuit Court of Appeals reversed the district court in January 2015. The case was remanded back to the district court for further proceedings.
Source: www.dallasnews.com
Be the first to comment on "Neiman Marcus to Pay $1.6 Million in Shopper Data Breach Lawsuit"