Neiman Marcus Group and Michaels Stores, Inc. both have been hit with proposed class actions in federal court by customers seeking to hold the retailers accountable for separate data breaches that the plaintiffs say have put their payment card information at risk. In a suit filed in Georgia federal court, plaintiff Donna Clark said that Neiman Marcus failed to take reasonable steps to safeguard its customers’ data, claiming their privacy rights have been violated and that they could now be at the mercy of identity thieves and fraudsters.
Neiman Marcus disclosed the breach after first learning of it in mid-December, when its merchant processor informed the company of potentially unauthorized payment card activity that occurred following purchases at its stores. Further concerns arose after Neiman Marcus revealed that payment card information for 1.1 million customers had been compromised.
Michael’s revealed in January that it “may have” suffered a data breach, and was named in a similar suit filed in Illinois federal court.
“Defendant did not adequately monitor their information technology system for the presence of intruders in a manner that would enable them to detect this intrusion, so that the breach of security and diversion of customer information was able to continue unnoticed for a period of time,” plaintiff Christina Moyer said in her complaint.
Michaels is based in Irving, Texas, and has more than 1,250 locations across the U.S. Neiman Marcus Group operates out of Dallas, Texas.