Forever 21 Hit with Credit Card Data Breach

Forever 21, the clothing franchise, disclosed that it had suffered a data security breach that involved credit cards in November, and now the company has returned to give an update on what it discovered during its investigation.

According to a statement by the company, it became aware of the possible security issue through a third party during October. That in turn triggered an internal investigation by the clothing franchise, which found that the point-of-sale devices at certain locations did not always use full encryption.

In addition to the issues involving encryption, the internal investigation discovered signs of unauthorized access to the network, as well as the installation of malware on some of its point-of-sale systems at different stores.

The malware, according to the company’s statement, was installed to search for information related to payment cards.

Details about the type of malware were released, including that it had searched for track data that the POS device read from the payment cards used to purchase products at the stores.

In the majority of cases, said Forever 21, the malware found only track data that did not contain the cardholder's name, just the card number, its expiration date, and the internal verification code, but on occasion the malware was able to find the cardholder's name, according to the statement Forever 21 released.

It also appears that the malware hit only stores in the U.S., not any of its international ones, and it was active on the devices that were infected between April 3 and November 18 of 2017, though not every store was compromised for the entire time.

The majority of stores had only one or a small number of devices that were infected with malware, explained the company.

However, Forever 21 said that, because of the POS log that tracked the authorizations of card transactions, the devices that were not fully encrypted were storing info.

Data from before April 3 might in certain cases have been accessible to the malware due to the unencrypted log, but that remains unclear.

Nevertheless, because of the log on the POS that tracked card customers at Forever 21, the company said people who believe that their personal and/or card information might have been compromised should monitor all accounts for any signs of fraudulent activity.