Cyber Incident Victim: National Stores, Inc.
Date:
Jul 2017
Location:
United States of America
Summary
National Stores, Inc., a multi-brand retail chain operating hundreds of locations, experienced a malware attack compromising customer payment card information at certain stores over several months. The breach potentially exposed names, card numbers, expiration dates, and security codes. The company engaged cybersecurity experts, notified payment card networks and law enforcement, and removed the malicious software from its systems. Affected customers were advised to monitor account statements for fraudulent activity, with assurances that they would not bear responsibility for unauthorized charges. The retailer also initiated security enhancements for its point-of-sale systems following containment of the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
National Stores, Inc., a retail chain operating 340 stores across twenty-two U.S. states and Puerto Rico under brands including Fallas, Factory 2-U, and Anna’s Linen’s by Fallas, disclosed a malware incident on January 23, 2018, affecting customer payment card data. The company detected unauthorized access to its systems, prompting an immediate investigation with assistance from nationally recognized cybersecurity firms. The malware attack specifically targeted point-of-sale systems, potentially compromising payment cards used at certain store locations between July 16 and December 11, 2017. Compromised information included cardholder names, payment card numbers, expiration dates, and security codes. National Stores notified payment card networks and the FBI upon discovery to coordinate fraud monitoring efforts and support a criminal investigation. CEO Michael Fallas confirmed the malware had been removed from systems and emphasized that affected customers would not be held financially responsible for fraudulent charges. The company initiated security enhancements to its point-of-sale infrastructure to prevent future breaches but did not disclose technical specifics of the malware or the exact number of impacted locations or individuals.
The breach exposed payment card data across a five-month window, though National Stores did not identify which of its brands or geographic regions experienced the highest exposure. Customers were advised to review account statements for unauthorized transactions and contact their card issuers directly with concerns. The company established a dedicated customer service portal at http://www.fallasstores.net/home-1 and a call center (833-214-8746) to address inquiries but did not offer complimentary credit monitoring services. Collaboration with payment card networks aimed to flag suspicious activity on cards used during the affected period through issuer banks. National Stores framed its response around containment, system remediation, and cooperation with law enforcement, though no attribution to specific threat actors or details about data exfiltration methods were provided. The incident highlighted operational risks across the retailer’s multi-state footprint without disrupting its brand portfolio’s continuity.