What happened
According to public breach records, the Neiman Marcus data breach on April 14, 2024 is reported to have exposed the personal information of 31,152,842 accounts.
In May 2024, the American luxury retailer Neiman Marcus suffered a data breach which was later posted to a popular hacking forum. The data included 31M unique email addresses, names, phone numbers, dates of birth, physical addresses and partial credit card data (note: this is insufficient to make purchases). The breach was traced back to a series of attacks against the Snowflake cloud service which impacted 165 organisations worldwide.
In May 2024, Neiman Marcus Group disclosed that an unauthorized party had gained access to a cloud database platform it used from a third-party provider, Snowflake; a joint investigation by Snowflake, Mandiant, and CrowdStrike attributed the wider campaign to a financially motivated threat actor (tracked as UNC5537) that used stolen customer credentials to reach Snowflake accounts lacking multi-factor authentication. The data first surfaced when a hacker using the handle "Sp1d3r" offered it for sale on a hacking forum, and the full scale became public when Troy Hunt of Have I Been Pwned analyzed the stolen dataset and identified 31,152,842 unique email addresses, far exceeding the company's initial regulatory filings. The exposed records included names, email and postal addresses, phone numbers, dates of birth, partial credit card numbers (without expiration dates or CVVs), and purchase/transaction data.
What data was exposed
The following types of personal data were compromised:
- Dates of birth
- Email addresses
- IP addresses
- Names
- Partial credit card data
- Phone numbers
- Physical addresses
- Purchases
Breach details
| Detail | Value |
|---|---|
| Breach name | Neiman Marcus |
| Date | April 14, 2024 |
| Accounts affected | 31,152,842 |
| Domain | neimanmarcus.com |
This summary is compiled from public breach-notification data and known leak databases. Figures reflect what those sources report and may be revised as more is learned. If something here looks wrong or you think your information is involved, contact our support team.
We report breaches as a factual record to help people check their exposure. Inclusion here is not an allegation of wrongdoing or negligence by Neiman Marcus; it reflects a publicly reported security incident.
What to do now
Based on the data exposed in this breach, here are the steps you should take:
- Treat unsolicited emails, calls, and texts referencing Neiman Marcus or Bergdorf Goodman purchases as potential phishing — the leaked mix of name, email, phone, and purchase history makes targeted scams convincing; don't click links or share details from inbound contact.
- Monitor the payment card linked to your account for unfamiliar charges; although only partial card numbers leaked, enable transaction alerts and ask your bank for a replacement if anything looks off.
- Add extra scrutiny to any account-recovery or identity-verification request that uses your date of birth and address — these static details were exposed together and can't be changed.
- Consider a credit freeze or fraud alert given the name, date of birth, and physical address exposed in the same dataset.
Check your exposure
Data breaches are one of the ways your personal information ends up on data broker sites. Run a free scan to see which sites are exposing your personal data — and take action to remove it.
Sources
- Neiman Marcus data breach: 31 million email addresses found exposed (BleepingComputer)
- Neiman Marcus confirms data breach, claims its Snowflake account was hacked (TechRadar)
Find out what data brokers know about you
Run a free scan to see which sites are exposing your personal information — name, phone, address, email, and more.
Start your free scan →