NSI
Company Details
Linkedin ID:
national-stores-inc
Employees number:
182
Number of followers:
7,831
NAICS:
43
Industry Type:
Homepage:
factory2-u.com
IP Addresses:
0
Company ID:
NAT_5245452
Scan Status:
In-progress
National Stores Inc. Company CyberSecurity Posture
factory2-u.com
National Stores Inc. is a family-owned, family-oriented company that was established in 1962 and grew from a single store in downtown Los Angeles to more than 300 convenient locations in 22 states including Puerto Rico. National Stores Inc. off-price stores include: Fallas Paredes, Fallas Discount Stores and Factory 2-U. Our stores offer a big selection of quality brand name and private label clothing for men, ladies, boys, girls, juniors, infants and toddlers along with lingerie, shoes and home decor. Our philosophy is "First place to shop! First place to save!" and we are committed to providing quality merchandise while keeping our prices the lowest anywhere. We are conveniently located in power strips, specialty centers and downtown areas in the same neighborhoods and smaller communities our customers and our employees call home!
National Stores Inc. A.I CyberSecurity Scoring
NSI Risk Score (AI oriented)Between 700 and 749
NSI
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
NSI Global Score (TPRM)XXXX
NSI
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
NSI Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
National Stores, Inc.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On January 22, 2018, the California Office of the Attorney General reported a data breach involving National Stores, Inc., which occurred between July 16 and December 11, 2017, due to malware affecting point of sale systems. The breach potentially exposed payment card information, including names, card numbers, expiration dates, and security codes, but the specific number of affected individuals remains unknown.
National Stores Inc.
Vulnerability
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: National Stores, Inc. has been the victim of a malware attack. It enabled unauthorized parties to access payment card information. The payment cards used by customers at some National Stores locations between July 16 and December 11, 2017 may be involved. The affected payment card information may have included names, payment card numbers, expiration dates, and security codes.
NSI Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for NSI
Incidents vs Retail Industry Average (This Year)
No incidents recorded for National Stores Inc. in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for National Stores Inc. in 2025.
Incident Types NSI vs Retail Industry Avg (This Year)
No incidents recorded for National Stores Inc. in 2025.
Incident History — NSI (X = Date, Y = Severity)
NSI cyber incidents detection timeline including parent company and subsidiaries
NSI Company Subsidiaries
National Stores Inc. is a family-owned, family-oriented company that was established in 1962 and grew from a single store in downtown Los Angeles to more than 300 convenient locations in 22 states including Puerto Rico. National Stores Inc. off-price stores include: Fallas Paredes, Fallas Discount Stores and Factory 2-U. Our stores offer a big selection of quality brand name and private label clothing for men, ladies, boys, girls, juniors, infants and toddlers along with lingerie, shoes and home decor. Our philosophy is "First place to shop! First place to save!" and we are committed to providing quality merchandise while keeping our prices the lowest anywhere. We are conveniently located in power strips, specialty centers and downtown areas in the same neighborhoods and smaller communities our customers and our employees call home!
Loading...
NSI Similar Companies
Macy's
Macy's is America’s store for life. The largest retail brand of Macy's, Inc. (NYSE:M) delivers quality fashion at affordable prices to customers at approximately 640 locations in 43 states, the District of Columbia, Puerto Rico, and Guam, as well as to customers in more than 100 international destin
Hobby Lobby
In 1970, entrepreneurs David and Barbara Green, along with their young family, began making miniature picture frames in their garage. A few years later, on August 3, 1972, the Green family opened the first Hobby Lobby store with a mere 300 square feet of retail space. Hobby Lobby has not stopped g
Chico's FAS, Inc.
Our passion for fashion and desire to inspire confidence and joy have been guiding the creation of our women’s clothing, intimates, and accessories for more than 40 years. Our portfolio consists of three brands: Chico’s, WHBM, and Soma found in over 1,000 stores throughout the United States and onli
RGIS
Since 1958, we’ve been pushing the envelope for accurate and reliable inventories and quality retail merchandising services. Our trusted results allowed us to expand across the globe as well as leverage our expertise to service other industries. With nation-wide coverage and thousands of employees
RD Saúde
Somos a RD Saúde, um ecossistema de saúde integral, com mais de 3 mil farmácias em todo o Brasil e negócios em saúde que dividem o mesmo propósito: contribuir para uma sociedade mais saudável. Nossa jornada começou em novembro de 2011, fruto da união entre Droga Raia e Drogasil, crescendo até se tor
MAP Group Asia
MAP Group Asia is Indonesia’s leading retail organization with an expanding presence across Southeast Asia. Our diverse portfolio includes Sports, Fashion, Digital, Department Stores, Kids, Food & Beverage, and Lifestyle. As a market leader, we are committed to building a resilient and future-focus
Premium Restaurant Brands
Premium Restaurant Brands cuenta con la marca Kentucky Fried Chicken en México con presencia a nivel nacional, teniendo más de 450 restaurantes tanto propios como franquicias, dentro de los cuales laboran más de 10,000 colaboradores que trabajan diariamente para brindar el mejor servicio y seguir
Sam's Club
Sam’s Club (NYSE: WMT) a division of Walmart Inc., is the membership warehouse club solution for everyday living. Our President and CEO is Chris Nicholas and our headquarters is in Bentonville, AR. For the fiscal year ending January 31, 2023, Sam’s Club’s total revenue was $84.3 billion. There are
Hallmark Cards
Hallmark believes if you care enough you can change the world as we work to help create a more emotionally connected world in every life, every day. Founded in 1910 by a teenage entrepreneur with two shoe boxes of postcards under his arm, Hallmark today is still family owned and privately held.
.png)
NSI CyberSecurity News
October 29, 2025 07:00 AM
Marks & Spencer Replaces IT Provider Amid Security Concerns
Marks & Spencer has ended its longstanding IT service desk contract with Tata Consultancy Services (TCS), months after the...
October 09, 2025 07:00 AM
Cyberattacks Upset British Life, Disrupting Car Factories and Grocery Stores
For more than a month, Jaguar Land Rover hasn't built a single car. The company, Britain's largest automaker, shut down its systems on Sept.
June 19, 2025 07:00 AM
Cyberattack On Whole Foods Supplier Disrupts Supply Chain Again
A June 2025 cyberattack on United Natural Foods Inc., the primary distributor for Whole Foods Market, caused widespread delivery disruptions...
June 12, 2025 07:00 AM
TTP - Spot Check: Apple and Google Still Have a Chinese VPN Problem
The Apple and Google app stores offer VPNs without revealing they're owned by Chinese companies. That keeps Americans in the dark about...
June 12, 2025 07:00 AM
Whole Foods sees shortages after United Natural Foods cyberattack
A cyberattack on a primary organic food distributor has led to empty shelves at Whole Foods stores across the country. The company, Rhode...
June 05, 2025 07:00 AM
Trump’s national cyber director nominee dodges criticism of funding cuts
Sean Cairncross said his managerial experience has prepared him well to lead a relatively new White House cyber unit.
June 03, 2025 07:00 AM
The World Will Store 200 Zettabytes Of Data By 2025
Total global data storage is projected to exceed 200 zettabytes by 2025. This includes data stored on private and public IT infrastructures, on utility...
April 03, 2025 06:38 PM
How cyberattacks on grocery stores could threaten food security
Grocery store shoppers at many chains recently ran into an unwelcome surprise – empty shelves and delayed prescriptions resulting from a major cyberattack.
March 24, 2025 07:00 AM
FCC investigating China-linked companies over evasion of US national security measures
The agency is cracking down on the use of prohibited technologies following a series of hacks into US telecommunications firms.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
NSI CyberSecurity History Information
Official Website of National Stores Inc.
The official website of National Stores Inc. is http://www.factory2-u.com/aboutus.html.
National Stores Inc.’s AI-Generated Cybersecurity Score
According to Rankiteo, National Stores Inc.’s AI-generated cybersecurity score is 747, reflecting their Moderate security posture.
How many security badges does National Stores Inc.’ have ?
According to Rankiteo, National Stores Inc. currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does National Stores Inc. have SOC 2 Type 1 certification ?
According to Rankiteo, National Stores Inc. is not certified under SOC 2 Type 1.
Does National Stores Inc. have SOC 2 Type 2 certification ?
According to Rankiteo, National Stores Inc. does not hold a SOC 2 Type 2 certification.
Does National Stores Inc. comply with GDPR ?
According to Rankiteo, National Stores Inc. is not listed as GDPR compliant.
Does National Stores Inc. have PCI DSS certification ?
According to Rankiteo, National Stores Inc. does not currently maintain PCI DSS compliance.
Does National Stores Inc. comply with HIPAA ?
According to Rankiteo, National Stores Inc. is not compliant with HIPAA regulations.
Does National Stores Inc. have ISO 27001 certification ?
According to Rankiteo,National Stores Inc. is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of National Stores Inc.
National Stores Inc. operates primarily in the Retail industry.
Number of Employees at National Stores Inc.
National Stores Inc. employs approximately 182 people worldwide.
Subsidiaries Owned by National Stores Inc.
National Stores Inc. presently has no subsidiaries across any sectors.
National Stores Inc.’s LinkedIn Followers
National Stores Inc.’s official LinkedIn profile has approximately 7,831 followers.
NAICS Classification of National Stores Inc.
National Stores Inc. is classified under the NAICS code 43, which corresponds to Retail Trade.
National Stores Inc.’s Presence on Crunchbase
No, National Stores Inc. does not have a profile on Crunchbase.
National Stores Inc.’s Presence on LinkedIn
Yes, National Stores Inc. maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/national-stores-inc.
Cybersecurity Incidents Involving National Stores Inc.
As of December 02, 2025, Rankiteo reports that National Stores Inc. has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
National Stores Inc. has an estimated 15,293 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at National Stores Inc. ?
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability and Breach.
Incident Details
Can you provide details on each incident ?
Title: Malware Attack on National Stores, Inc.
Description: National Stores, Inc. has been the victim of a malware attack that enabled unauthorized parties to access payment card information. The payment cards used by customers at some National Stores locations between July 16 and December 11, 2017 may be involved. The affected payment card information may have included names, payment card numbers, expiration dates, and security codes.
Type: Malware Attack
Threat Actor: Unauthorized parties
Motivation: Theft of payment card information
Title: National Stores, Inc. Data Breach
Description: A data breach involving National Stores, Inc. occurred between July 16 and December 11, 2017, due to malware affecting point of sale systems. The breach potentially exposed payment card information, including names, card numbers, expiration dates, and security codes.
Date Detected: 2018-01-22
Date Publicly Disclosed: 2018-01-22
Type: Data Breach
Attack Vector: Malware
Vulnerability Exploited: Point of Sale Systems
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Malware Attack NAT14151622
Data Compromised: Names, Payment card numbers, Expiration dates, Security codes
Payment Information Risk: High
Incident : Data Breach NAT722080425
Data Compromised: Payment card information, Names, Card numbers, Expiration dates, Security codes
Systems Affected: Point of Sale Systems
Payment Information Risk: High
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Payment Card Numbers, Expiration Dates, Security Codes, , Payment Card Information, Names, Card Numbers, Expiration Dates, Security Codes and .
Which entities were affected by each incident ?
Incident : Malware Attack NAT14151622
Entity Name: National Stores, Inc.
Entity Type: Retail
Industry: Retail
Incident : Data Breach NAT722080425
Entity Name: National Stores, Inc.
Entity Type: Retail
Industry: Retail
Data Breach Information
What type of data was compromised in each breach ?
Incident : Malware Attack NAT14151622
Type of Data Compromised: Names, Payment card numbers, Expiration dates, Security codes
Sensitivity of Data: High
Personally Identifiable Information: Yes
Incident : Data Breach NAT722080425
Type of Data Compromised: Payment card information, Names, Card numbers, Expiration dates, Security codes
Sensitivity of Data: High
Personally Identifiable Information: Names
References
Where can I find more information about each incident ?
Incident : Data Breach NAT722080425
Source: California Office of the Attorney General
Date Accessed: 2018-01-22
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2018-01-22.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Unauthorized parties.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2018-01-22.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2018-01-22.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Payment card numbers, Expiration dates, Security codes, , Payment card information, Names, Card numbers, Expiration dates, Security codes and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Card numbers, Security codes, Payment card information, Names, Expiration dates and Payment card numbers.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=national-stores-inc' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
