Customer information said to have been stolen from Neiman Marcus's Snowflake instance has been put up for sale on the dark web for $150,000. That would make the fancy department store chain the latest outfit to have had its data swiped from its cloud-based Snowflake storage and peddled on an underworld forum. Between April and May, an intruder accessed 64,472 shoppers' names, contact information, dates of birth, and Neiman Marcus or Bergdorf Goodman gift card number(s) — but not the gift card PINs — according to a privacy breach notification submitted to the Maine Attorney General in the US by the luxury retailer.
In that disclosure, the swish garb slinger blamed the theft on an "unauthorized third party" breaking into "a database platform used by Neiman Marcus Group." A Neiman Marcus spokesperson declined to answer whether it had turned on multi-factor authentication (MFA) for that database – an oversight common among victims of recent raids on Snowflake cloud accounts – though did confirm to El Reg that the unnamed platform was indeed Snowflake. The rep told us: Neiman Marcus Group (NMG) recently learned that an unauthorized party gained access to a cloud database platform used by NMG that is provided by a third party, Snowflake.
Promptly after discovering the incident, NMG took steps to contain it, including by disabling access to the platform. We also began an investigation with assistance from leading cybersecurity experts and notified law enforcement authorities.
