Loungefly, LLC

On June 26, 2019, the California Office of the Attorney General reported a data breach involving Loungefly, LLC. The breach potentially affected less than 4,600 customers, with compromised information possibly including cardholder names, account numbers, expiration dates, security codes from payment cards, and usernames and passwords associated with Loungefly accounts. The breach was related to unauthorized code placed on the Loungefly online store, but it could not be confirmed that any personal information was actually acquired.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-148443

TPRM report: https://www.rankiteo.com/company/loungefly

"id": "lou944072525",
"linkid": "loungefly",
"type": "Breach",
"date": "9/2018",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'customers_affected': 'less than 4,600',
                        'industry': 'Retail',
                        'name': 'Loungefly, LLC',
                        'type': 'Company'}],
 'attack_vector': 'Unauthorized code placed on the online store',
 'data_breach': {'number_of_records_exposed': 'less than 4,600',
                 'personally_identifiable_information': ['cardholder names',
                                                         'account numbers',
                                                         'expiration dates',
                                                         'security codes from '
                                                         'payment cards',
                                                         'usernames and '
                                                         'passwords associated '
                                                         'with Loungefly '
                                                         'accounts'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['cardholder names',
                                              'account numbers',
                                              'expiration dates',
                                              'security codes from payment '
                                              'cards',
                                              'usernames and passwords '
                                              'associated with Loungefly '
                                              'accounts']},
 'date_detected': '2019-06-26',
 'date_publicly_disclosed': '2019-06-26',
 'description': 'A data breach involving Loungefly, LLC, potentially affected '
                'less than 4,600 customers, with compromised information '
                'possibly including cardholder names, account numbers, '
                'expiration dates, security codes from payment cards, and '
                'usernames and passwords associated with Loungefly accounts. '
                'The breach was related to unauthorized code placed on the '
                'Loungefly online store, but it could not be confirmed that '
                'any personal information was actually acquired.',
 'impact': {'data_compromised': ['cardholder names',
                                 'account numbers',
                                 'expiration dates',
                                 'security codes from payment cards',
                                 'usernames and passwords associated with '
                                 'Loungefly accounts']},
 'initial_access_broker': {'entry_point': 'Unauthorized code placed on the '
                                          'online store'},
 'references': [{'date_accessed': '2019-06-26',
                 'source': 'California Office of the Attorney General'}],
 'title': 'Loungefly Data Breach',
 'type': 'Data Breach'}