Neiman Marcus, the American luxury specialty department store has requested an "en banc review" (an appeal session where the case is heard before all the judges of a court as opposed to a panel) of the recent decision in Remijas v Neiman Marcus Group, where the court found that members of a putitive class alleged sufficient facts to establish standing to sue Nieman Marcus following a 2013 data breach.

Hackers invaded the IT systems of Neiman Marcus between July and October 2013. The point-of-sale malware actively "scraped" payment card data from as many as 1.1 million customers.

Neiman Marcus contend that:

  • the panel relied on speculation and conjecture;
  • the defendants have been fully reimbursed for fraudulent charges;
  • the cost of mitigating future harm does not satisfy standing unless that harm is imminent; and
  • the threat of identity theft is low as it was only credit card information compromised.