Another data breach made the headlines, this time the victim is the US clothes retailer Forever 21 that announced it has suffered a security breach.
According to the company, unknown hackers gain unauthorized access to its payment systems stealing payment cards used at a number of its retail locations.
Customers who shopped between March and October this year may be affected.
The company revealed that it implemented encryption and token-based authentication systems back in 2015, but it was deployed only at certain points of sale.
“FOREVER 21 is notifying its customers that it recently received a report from a third party that suggested there may have been unauthorized access to data from payment cards that were used at certain FOREVER 21 stores. Forever 21 immediately began an investigation of its payment card systems and engaged a leading security and forensics firm to assist.” announced FOREVER 21.“Because of the encryption and tokenization solutions that FOREVER 21 implemented in 2015, it appears that only certain point of sale devices in some FOREVER 21 stores were affected when the encryption on those devices was not in operation. The company’s investigation is focused on card transactions in FOREVER 21 stores from March 2017 – October 2017.”
The US retailer operates over 815 stores in 57 countries, at the time the firm didn’t say which stores were affected.
The investigation is still ongoing, customers are advised to closely monitor their payment card statements reporting unauthorized charges.
“Forever 21 immediately began an investigation of its payment card systems and engaged a leading security and forensics firm to assist,” the US clothing retailer said while announcing the data breach. ” continues the announcement.
“We regret that this incident occurred and apologize for any inconvenience. We will continue to work to address this matter.”
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.