Nordstrom Data Breach Exposes Employee Information

According to a Nordstrom spokesperson, no customer data was involved in the breach. In a statement, the company said it was “investigating an incident where a contract worker improperly handled some Nordstrom employee data.”

• By Jessica Davis
• Nov 15, 2018

Nordstrom is notifying employees of a data breach that exposed their personal information, including names, Social Security numbers, dates of birth, checking account and routing numbers, and salaries.

Co-President Blake Nordstrom emailed employees Nov. 7 to apologize and let them know about the information security breach. Employees who might not have access to corporate email accounts were shown the breach notification by managers at work, and some former employees have received notifications by mail.

The company would not say how many employees were affected by the breach.

According to a Nordstrom spokesperson, no customer data was involved in the breach. In a statement, the company said it was “investigating an incident where a contract worker improperly handled some Nordstrom employee data.”

The incident, which took place Oct. 9, was discovered by Nordstrom’s information security team. According to the company, “no longer has any access to our systems and we’re putting additional measures in place to help prevent this from happening again.” Nordstrom contacted law enforcement to begin a comprehensive investigation.

“We have no evidence data was shared or used inappropriately,” the company said. “Out of an abundance of caution, we are notifying our employees so they can take the appropriate steps to monitor for any potential unauthorized activity.”

The company is offering affected employees two years of identity protection services.