Neiman Marcus will pay $1.5M in data breach settlement, $29K to Arizona
PHOENIX — Neiman Marcus has agreed to pay $1.5 million as part of a settlement with 43 states and the District of Columbia over the retailer’s breach of customer payment card data, Arizona Attorney General Mark Brnovich announced Tuesday.
In 2014, the chain of luxury department stores disclosed that about 370,000 credit and debit cards from 77 stores were compromised in the breach, and at least 9,200 of those cards were used fraudulently.
Almost 6,000 of the compromised cards were associated with Arizona consumers.
Arizona’s share of the settlement is almost $29,000, which the Arizona Attorney General’s Office said will be deposited into a revolving fund for “future consumer enforcement actions.”
“When consumers use credit or debit cards, they should be able to trust that businesses are treating their sensitive data appropriately and in accordance with clearly disclosed policies,” Brnovich said in a press release.
“This settlement reinforces that principle and sends a message to other retailers that they need to protect customers’ information.”
As part of the settlement, Neiman Marcus also agreed to actions meant to prevent a similar breach, including updating software, undergoing a third-party information security assessment and using encryption technology.