Cyber Incident Victim: Fashion to Figure
Date:
May 2015
Location:
United States of America
Summary
Fashion to Figure experienced a compromise involving malware placed on its web hosting provider's server, discovered during an investigation into slow website performance. The breach potentially exposed customer names, IDs, postal addresses, telephone numbers, and payment card details. Remediation efforts included malware removal, migrating to a new hosting provider, updating administrative credentials, conducting comprehensive system scans, applying security patches, and enhancing staff training. Affected individuals were offered complimentary identity theft recovery services for one year.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In May 2015, malware was inserted onto the web hosting server supporting Fashion to Figure’s e-commerce operations, though the intrusion remained undetected for nearly five months. The company, operating under parent entity B. Lane, Inc., first identified anomalous activity on October 16, 2015, when personnel investigated performance issues related to a slowly loading webpage. This investigation revealed unauthorized code operating within their payment processing environment. Forensic analysis determined the malware had been active since its initial deployment on May 19, creating a prolonged window for potential data exfiltration. Compromised customer data included full names, unique customer identifiers, physical mailing addresses, telephone contact details, and payment card particulars—encompassing the information necessary for transactional fraud and identity theft. The breach directly impacted individuals who conducted transactions through the company’s website during the malware’s operational period.
Fashion to Figure initiated containment measures immediately upon confirming the breach, commencing with the eradication of malicious code from compromised systems. The company severed ties with its incumbent web hosting provider, migrating services to an alternative firm to prevent further exploitation of the vulnerable infrastructure. Internal security protocols underwent comprehensive revision, including system-wide password resets for all administrative accounts and thorough antivirus scans across organizational computing assets. Software patch management received prioritized attention, with updates applied to eliminate known vulnerabilities. Employees participated in enhanced cybersecurity training to improve threat recognition and response capabilities. Affected customers received breach notifications detailing the incident’s scope and remedial offerings. As compensatory mitigation, Fashion to Figure arranged complimentary twelve-month subscriptions to identity theft recovery services through IDExperts, enabling victims to access resolution support for financial fraud or credential misuse arising from the incident.