AUSTIN, Texas (CBSDFW.COM/AP) — More than 40 state attorneys general, including Texas’, have announced a $1.5 million settlement with The Neiman Marcus Group LLC over a data breach the Dallas-based retailer disclosed in January 2014.
The breach exposed customer credit card data at 77 Neiman Marcus stores nationwide.
During a three-month period in 2013, about 370,000 Neiman Marcus credit cards were accessed by unknown third parties unlawfully, and at least 9,200 were used fraudulently.
Under terms of the settlement announced Tuesday, Neiman Marcus agrees to maintain reasonable procedures to protect customers’ personal data and obtain an information security assessment and report from a third-party professional.
The settlement involves 43 states and the District of Columbia.
“Texas law requires businesses to implement and maintain reasonable safeguards against cyberattacks to protect consumers’ personal information from unlawful use or disclosure,” TexasAttorney General Ken Paxton said in a news release. “I urge companies to evaluate whether they have in place a thorough and ongoing written information security program that serves to safeguard their customers’ information.”
(© Copyright 2019 CBS Broadcasting Inc. All Rights Reserved. The Associated Press contributed to this report.)