Afaze

Afaze is a retail brand that operates physical store locations, offering merchandise to consumers through brick‑and‑mortar outlets. It is part of the retail portfolio of A&M (2015) LLC, a company that owns multiple retail brands. The brand focuses on in‑store sales, with no indication of an online commerce channel being part of its core operations as per the incident description. Its primary interaction with customers occurs at point‑of‑sale terminals within its stores. The brand’s product assortment and target market are not detailed in the available source material. The incident description confirms that Afaze processes payment card transactions for in‑store purchases.

No explicit size or reach data for Afaze is provided in the source material. Afaze became known for a 2015 point‑of‑sale malware incident that exposed payment card data, including card numbers, expiration dates, CVV codes, and, at two locations, customer names. The breach did not involve Social Security numbers or PINs, as those were not collected by the company. Detection occurred through alerts from the brand’s credit processor, prompting a forensic investigation that confirmed the malware’s data exfiltration capabilities. Following the breach, Afaze removed the malware and implemented enhanced security measures to protect its payment systems. The incident was confined to physical store transactions, with no impact on online purchases, and affected customers were notified to monitor their accounts.