Neiman Marcus has agreed to pay $1.6 million to settle a data breach class-action lawsuit in Illinois federal court. Court documents show the Dallas-based luxury retailer filed the settlement agreement last week, seeking approval from a federal judge in Chicago where the lawsuit was filed in March 2014. The settlement would cover damages to any customers who shopped at Neiman Marcus, Bergdorf Goodman, Cusp or Last Call between July 2013 and October 2013. Customers must show proof that their financial information was affected by the breach, and can receive payments of up to $100. Of the proposed $1.6 million, $900,000 will pay for plaintiffs’ legal fees and other litigation costs; the remainder will be put into a payment fund. The three-year-old case stemmed from the December 2013 cyber attack that exposed credit card data of an estimated 350,000 Neiman Marcus shoppers.
Total Retail’s Take: The world of cyber security has improved since the series of retail data breaches that took place several years ago. For one, credit and debit card issuers have replaced millions of cards in the U.S. with new EMV chip cards, and retailers have installed new card readers at checkout. The new system is believed to make it harder for thieves to steal customer data while people shop in stores. But unfortunately, hackers are becoming more and more sophisticated, and, as such, customer data breaches continue online. Earlier this week, for example, the personal information of tens of thousands of Saks Fifth Avenue customers became publicly available in plain text online. Unfortunately, keeping on top of cyber attacks and hackers seems like it will be an important part of retail IT departments’ lists of responsibilities for the immediate future.