Neiman Marcus is known for its luxury goods, whether it is clothing, handbags, shoes and more; however, the retailer is proving that companies feel the lasting effects from a data breach long after it happens. The situation began in December 2013 when the high-end retailer found that some customers had fraudulent charges on their credit cards; therefore the company disclosed in January 2014 that the data breach affected 350,000 credit card holders.
Data breaches are common and seem to be reported on a monthly or even weekly basis. So what makes the Neiman Marcus incident still relevant? The difference is that the victims are suing Neiman Marcus in a class-action lawsuit because they claim that, “the company was negligent, breached its implied contract with customers, engaged in unfair and deceptive business practices, and violated state data breach laws,” according to the National Law Review.
At first the ruling was dismissed because “both the individual plaintiffs and the class lacked standing under Article III of the Constitution.” However, in a recent appeal the court claimed that, “the district court erred and the plaintiffs satisfy Article III’s requirements based on at least some of the injuries they have identified,” the court stated. “We thus reverse and remand for further proceedings.”
The rationale of the lawsuit is that even though there were only claims of 9,200 being used fraudulently, there is risk in fraudsters using the data long after the breach. Additionally, that if the fraudsters did not consider the information valuable, they would have not taken it in the first place.
Neiman Marcus is one of numerous companies that show the importance of being proactive in implementing strong cyber security efforts. Through proactively safeguarding systems, a company can protect the data it stores and its brand image, which is essential in situations like Neiman Marcus that cause financial harm and reputation issues long after the news cycle ends.