Neiman Marcus, the Dallas-based chain of luxury department stores, has agreed to pay $1.5 million in compensation to the 43 states affected by a 2013 data breach, announced Texas Attorney General Ken Paxton on Tuesday.
This sum is significantly lower than Target’s settlement of $18.5 million following that retailer’s data breach in the same year, which was estimated to have costed $150 million.
A nation-wide investigation concluded that, in 2013, a third-party gained unauthorized access to 370,000 credit and debit cards used at 77 Neiman Marcus stores from multiple states. The breach went undetected for three months and was publicly announced in January of 2014. Some 9,200 cards were used for illicit purposes, said Paxton.