If you purchased lingerie or other items from Phoenix-based Yandy.com, you may be getting a breach notification.
Yandy reports that they became aware of the breach on August 18, and it involved customers’ names, postal and email addresses, card numbers, expiration dates, and CVV codes.
Although the notification letter, signed only by “The Yandy Team,” does not disclose when the breach started (the letter states it was “brief time frames” during which the breach occurred), meta data for their submission to the California Attorney General’s Office indicates that the breach first occurred on May 28.
Customers were advised to be vigilant and were given the boilerplate suggestions we’ve seen attached to so many other breach notifications. Yandy did not indicate any specific steps it was taking to prevent a recurrence but stated that they would continue to assess and modify their privacy and data security policies.