Menu
Browse

Cyber Incident Victim: Afaze

Date:

Oct 2015

Location:

United States of America

Summary

A&M discovered suspicious files on its systems that were later found capable of collecting payment card data, leading to the removal of the malware. The company confirmed that the malware may have captured card numbers, expiration dates and CVVs from cards used at Annie Sez, Afaze, Mandee, Sirens and Urban Planet locations, with name data also exposed for certain Annie Sez and Mandee stores. A&M stated that the incident did not involve online transactions, Social Security numbers or PINs, and that cards can now be used safely at the affected stores. To assist those potentially affected, A&M set up a dedicated phone line and provided information on its websites.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 1 motive 1 technique
Threat Actors Type Location
0 actors Available to members Available to members

Description

On November 11, 2016, A & M (2015) LLC issued a notice regarding a data security incident that may have affected payment card information used at several retail brands. The company said it began investigating after receiving reports from its credit card processor about unusual activity. On August 11, 2016, A&M’s internal review uncovered suspicious files on its systems that indicated a possible compromise of card data. By August 23, 2016, the company determined that those files were capable of capturing credit and debit card information and promptly removed them.

Cyber Incident Image

The incident potentially impacted customers who used debit or credit cards at Annie Sez, Afaze, Mandee, Sirens, and Urban Planet locations between November 24, 2015 and August 23, 2016. Additional exposure was noted for the Annie Sez store in Danbury, Connecticut and the Mandee store in Bergenfield, New Jersey, where transactions from October 15, 2015 and October 14, 2015 respectively through August 23, 2016 may have also involved the cardholder’s name. The data that could have been accessed included card numbers, expiration dates, and CVV codes, with the two named stores also exposing names. A&M stated that no Social Security numbers or PINs were involved in the breach.

After discovering the suspicious files, A&M engaged third‑party forensic experts to conduct a thorough investigation of its computer systems. The company worked with those experts to confirm that malware had been present and to determine the extent of the data exposure. In response, A&M removed the malicious files and implemented additional security procedures to prevent further unauthorized access. The firm also coordinated with law‑enforcement officials as part of its response effort.

To assist affected individuals, A&M established a dedicated help line that operated from 9 a.m. to 9 p.m. EDT, Monday through Friday, reachable at 1‑844‑512‑9007. The company posted information about the incident on the websites of Annie Sez and Mandee, where customers could find details about what had occurred. A&M continued to work with forensic investigators and law enforcement to monitor the situation and to ensure the security of its systems. The notice emphasized that customers could continue to use their cards safely at the affected locations after the malware was removed.

Sources
Sources available to members
1 source