Neiman Marcus Data Breach: Analysis and Example of How Criminals Exploit Data Using AI

The recent Neiman Marcus data breach was detailed in an official communication to their customers. In May 2024, Neiman Marcus Group (NMG) discovered that an unauthorized party accessed a cloud database containing personal information. The compromised data included names, contact details, birthdates, gift card information (without PINs), transaction data, partial credit card numbers, Social Security digits, and employee IDs. For more information, you can visit their official statement here.

Breach Details and Data Exposed

On June 25th, a threat actor, known as “Sp1d3r,” attempted to sell the stolen data on a hacking forum for $150,000. The data set includes 12 million gift card numbers, 70 million transactions with detailed customer information, and 6 billion rows of customer shopping records and store information according to the threat actor.

The compromised data includes the following information, as can be found in the screenshots below.

  • Full names
  • Email addresses
  • Dates of birth
  • Partial credit card numbers
  • Credit card types
  • Home and billing addresses
  • IP addresses
  • Gift card numbers (with name, gift card number, balances and more)
  • Purchase locations

Constella Intelligence’s breach analysis confirmed the exposure of the previously mentioned customer data. Additionally, the analysis revealed that the dataset likely contained personal information of several high-profile individuals from various sectors, including politics, fashion, and film.

The exposure of their data significantly increases the risk of targeted attacks, identity theft, and other social engineering attacks.

Understanding Criminals’ Use of Data & AI: Safeguarding Against Scams with ScamGPT

Cybercriminals can take advantage of attributes such as names, email addresses, financial information, or transaction history using AI technologies to enhance their malicious activities. Here are some potential risks:

  • Automated Phishing Campaigns: AI can analyze the exposed data to craft highly personalized and convincing phishing emails, increasing the likelihood of recipients falling for scams.
  • Identity Fraud: Tools can quickly sift through large data sets to compile comprehensive profiles of individuals, making it easier for cybercriminals to impersonate victims and commit fraud.
  • Social Engineering Attacks: As previously mentioned, with the vast amount of compromised personal information, cybercriminals can craft highly sophisticated social engineering attacks. These attacks deceive individuals into divulging even more sensitive data or taking actions that compromise their security. By leveraging detailed personal profiles, attackers can tailor their tactics to exploit specific vulnerabilities, making their schemes more convincing and harder to detect.
  • Credential Stuffing. Algorithms can automate the process of trying to expose usernames and passwords across multiple websites, gaining unauthorized access to various accounts.

Below is an example of a scam automatically generated using AI and dummy data that simulates the information shared by “Sp1d3r.”

At Constella, we’ve identified a significant rise in the use of these techniques, leading to more sophisticated, credible, and effective attacks. These AI-driven scams leverage detailed personal profiles to craft convincing narratives, making them harder to detect and more likely to succeed.

To help combat this threat, Constella recently announced its new ScamGPT solution, which processes a target’s surface of attack using trained generative AI algorithms to generate hyper-targeted “scams,” which can then be used to help train individuals on this emerging, real-world threat.

Recommendations

Considering the recent Neiman Marcus data breach and the growing use of AI technologies by cybercriminals, victims should take precautions such as the below to help avoid further attacks:

  1. Be Wary of Phishing Attempts: Be cautious of unsolicited emails, messages, or phone calls asking for personal information. Verify the authenticity of the source before responding.
  • Enable Multi-Factor Authentication (MFA): Add an extra layer of security to your accounts by enabling MFA. This helps protect your accounts even if your password is compromised.
  • Regularly Monitor Your Accounts: Keep an eye on your bank statements, credit card bills, and other financial accounts for any suspicious activity and report any unauthorized transactions.
  • Protect Gift Cards: Given that some gift card information was compromised, it is crucial to take proactive steps. If you have Neiman Marcus gift cards, monitor their balances regularly and report any unauthorized transactions to the issuer immediately. This will help protect your funds and ensure any suspicious activity is addressed quickly.