It’s not your imagination—the number of significant data breaches and cyberattacks is on the rise. Among the latest prominent victims is Dallas-based retailer Neiman Marcus, which recently notified 4.6 million customers that information associated with their online accounts may have been accessed by an unauthorized third party in May 2020. [i]

In addition to notifying customers, the company has alerted law enforcement and is working with a cybersecurity firm to investigate the situation. Information compromised in the attack included customers’ names, contact information, payment card numbers and expiration dates, virtual gift card numbers, usernames, passwords, and security questions and answers associated with Neiman Marcus accounts.  

According to the company, of the approximately $3.1 million payment and virtual gift cards affected, 85% were expired or invalid, and they claim to have no evidence that information obtained has been sold on the dark web. Neiman Marcus has also stated that it has no reason to believe that its subsidiaries, Bergdorf Goodman and Horchow, were affected.  

Neiman Marcus has also advised their customers to: 

  • Change their account password as soon as possible, especially if they haven’t changed it since May 2020 
  • Report any unauthorized activity on their accounts, and  
  • Monitor their credit reports for fraud. 

Big Companies, Big Targets 

Neiman Marcus is far from being the only major business making headlines for being the victim of a successful cyberattack this year. Among the household names that have been affected in 2021 are:  

  • McDonald’s 
  • Volkswagen 
  • T-Mobile 
  • Carnival 
  • Coinbase.  

While some of these attacks have had more serious consequences than others—like the Coinbase phishing scheme, where hackers successfully stole funds from 6,000 customers, [ii] and the T-Mobile breach, in which customers had both Social Security numbers and driver’s license information stolen [iii]—they all resulted in negative publicity and a steep decline in customer trust.

Well-known companies make obviously attractive targets for bad actors, but it isn’t safe for smaller organizations to assume they’re flying under the radar. Hackers also target small- to medium-sized companies because they’re less likely to have the sophisticated defenses and resources that a giant corporation can deploy, making it much easier for them to lock up your systems with a ransomware attack or pilfer sensitive information to be sold on the dark web.  

Unfortunately, smaller companies lacking national name recognition are also much less likely to recover from the reputational and financial damage a devastating security breach can cause. Attacks that expose sensitive customer information also leave companies open to potential legal liability for failing to maintain reasonable cybersecurity safeguards.  

While this may sound scary, and a bit overwhelming, the good news is that you don’t have to just sit, wait, and pray that you won’t be the victim of an attack; on the contrary, proactive measures, such as an exhaustive security review, will help you identify problems before hackers even get the chance to take advantage of you. 

The Best Time for a Security Risk Assessment 

You can’t hop in a time machine and have Petronella Technology Group (PTG) perform an expert audit on your network yesterday – or AFTER you have experienced a catastrophic breach—but you can contact us today to schedule one. A thorough security risk assessment can identify weaknesses in your system and give you the opportunity to remediate them before hackers have the opportunity to find and exploit them. 

Our trained security professionals will conduct a deep review of your network and deliver a comprehensive security report detailing our findings and recommendations. We’ll identify your assets, potential threats, and vulnerabilities. Further, we’ll assess the possible impact of a cyberattack and the likelihood of one successfully exploiting identified weaknesses in your system. Our analysis will include recommended actions to remediate problems and strengthen your security controls to avert hacks, ransomware attacks, and other crimes before they occur. 

How Prepared Are You? 

If you’re not sure if your company has the proper security controls in place to keep your sensitive data safe, then you probably don’t. The risk of your business becoming the victim of a cataclysmic cyber attack increases every day; the time to act is now.  

PTG has the expertise to pinpoint and remediate vulnerabilities in your systems before the worst occurs. Contact us to schedule a free consultation by clicking here or calling us at 919-646-3780. 

[i] https://dfw.cbslocal.com/2021/10/01/neiman-marcus-cybersecurity-4-million/ 

[ii] https://markets.businessinsider.com/news/currencies/coinbase-data-breach-crypto-customers-funds-stolen-accounts-phishing-attack-2021-10 

[iii] https://www.businessinsider.com/t-mobile-hack-40-million-customers-information-stolen-data-breach-2021-8  

Craig Petronella

Craig Petronella is the founder of Petronella Technology Group, Inc. (PTG), an internationally trusted IT cybersecurity and compliance consulting group with over 30 years’ experience helping federal contractors and businesses with cybersecurity and compliance regulations, and whose patented 22-layer systems cover your People, Processes and Technology.

Craig is an Amazon #1 Best-Selling Author of many books, including “The Ultimate Guide To CMMC”, founder of the podcast Cybersecurity and Compliance with Craig Petronella – CMMC, NIST, DFARS, HIPAA, GDPR, ISO27001 https://petronellatech.buzzsprout.com/ and is an MIT Certified Professional in AI, Blockchain, Cybersecurity and Compliance.

Almost all of Craig’s clients are earned by referral with little or no advertising, and he is well-known and highly-regarded in professional circles throughout the US, after serving as compliance consultant and conducting onsite risk assessments for over 500 medical practices, hospitals, and business associates across the country.

Continuity of your business operations starts with cybersafety.

PTG provides Cybersecurity & Compliance Consulting Services, including:

We help defense contractors, medical practices, law firms and various businesses that are regulated comply with ANY regulation, including:

  • CMMC
  • DFARS
  • NIST 800-53 & 171
  • HIPAA & HITECH
  • SOX
  • All ISO & SOC levels
  • & Many More…

We serve customers across all sectors in public & private organizations. We understand that each industry and organization has unique IT challenges and our expertise enables us to help you navigate the regulatory mandates and customize a solution tailored to your needs.