The US clothes retailer FOREVER 21 announced it has suffered a security breach, hackers stole payment card data at some locations.
Another data breach made the headlines, this time the victim is the US clothes retailer Forever 21 that announced it has suffered a security breach.
According to the company, unknown hackers gain unauthorized access to its payment systems stealing payment cards used at a number of its retail locations.
Customers who shopped between March and October this year may be affected.
The company revealed that it implemented encryption and token-based authentication systems back in 2015, but it was deployed only at certain points of sale.
“FOREVER 21 is notifying its customers that it recently received a report from a third party that suggested there may have been unauthorized access to data from payment cards that were used at certain FOREVER 21 stores. Forever 21 immediately began an investigation of its payment card systems and engaged a leading security and forensics firm to assist.” announced FOREVER 21.“Because of the encryption and tokenization solutions that FOREVER 21 implemented in 2015, it appears that only certain point of sale devices in some FOREVER 21 stores were affected when the encryption on those devices was not in operation. The company’s investigation is focused on card transactions in FOREVER 21 stores from March 2017 – October 2017.”
The US retailer operates over 815 stores in 57 countries, at the time the firm didn’t say which stores were affected.
The investigation is still ongoing, customers are advised to closely monitor their payment card statements reporting unauthorized charges.
“Forever 21 immediately began an investigation of its payment card systems and engaged a leading security and forensics firm to assist,” the US clothing retailer said while announcing the data breach. ” continues the announcement.
Source:https://securityaffairs.co/wordpress/65596/data-breach/forever-21-payment-card-breach.html
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.