DallasNews.com

Dallas-based Neiman Marcus will pay $1.5 million to 43 states over a 2013 data breach that exposed the credit card information of 370,000 customers. Texas Attorney General Ken Paxton announced the settlement Tuesday afternoon. The breach, disclosed in January 2014 by the luxury retailer, affected 65,644 Texans. At least 9,200 credit cards were used fraudulently, Paxton said. The breach occurred over a three-month period in 2013 at 77 Neiman Marcus stores nationwide. "Texas law requires businesses to implement and maintain reasonable safeguards against cyberattacks to protect consumers' personal information from unlawful use or disclosure," Paxton said in a statement. "I urge companies to evaluate whether they have in place a thorough and ongoing written information security program that serves to safeguard their customers' information." As part of the settlement, Neiman Marcus will implement new procedures to protect customer data and obtain an information security assessment from a third-party professional. Texas will also receive $95,000 in attorneys' fees and costs.