The Organization uses a third-party company, Aptos, Inc., to operate and maintain the technology for website and telephone orders. Specifically, Aptos provides a digital commerce platform that functions as the back-end for the Organization?s online store, as well as its order management system. On February 6, 2017, Aptos advised the Organization that unauthorized person(s) electronically accessed and placed malware on Aptos’ platform holding payment card transaction information for about 40 online retailers. According to Aptos, the incident began in February 2016 and ended in December 2016. Aptos itself learned of the event in November 2016, but was asked by law enforcement investigating the incident to delay notification to allow the investigation to move forward.

File Type: pdf
File Size: 330 KB
Categories: 2018