Skip to main content

Latest Store With Payment Breach Is Forever 21

By November 29, 2017June 16th, 2022Cybersecurity

Unfortunately, another high-profile data breach has surfaced. The latest company to fall victim is US-based fashion retailer Forever 21, operating more than 800 stores in 57 countries.

The company became aware of the breach when they were notified of “unauthorized access to data from payment cards that were used at certain Forever 21 store locations.”

The investigation into the incident is ongoing, and we don’t have full details yet, but here’s what we know so far:

• Although the company had attempted to bolster security by implementing a token and encryption-based system that was designed to protect transaction data on the company’s point-of-sale system, an implementation issue at some store locations left POS equipment vulnerable, and these were the devices the hackers gained access to.

• Anyone who shopped at a Forever 21 location between March and October 2017 may have been impacted.

At this point, three significant pieces of information are missing. We do not yet know exactly which stores were impacted, nor how many of Forever 21’s customers may have seen their credit card information exposed, or what level of access the hackers may have had to the transaction data. We also don’t yet know if the group responsible got any personally identifiable information from the affected terminals.

The company’s official announcement regarding the breach included the following statement:

“Forever 21 immediately began an investigation of its payment card systems and engaged a leading security and forensics firm to assist. We regret that this incident occurred and apologize for any inconvenience. We will continue to work to address this matter.”

If you’ve shopped at any Forever 21 location during the timeframe mentioned above, be aware that your payment data may have been compromised. For now, the best thing you can do is monitor your credit card statements closely for any unusual activity and report it immediately if you find it.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.