Forever 21 Data Breach
Retailer Forever 21 recently released a statement about a credit card security issue that occurred at some of their U. S. stores between April and November of last year.
The statement comes after an in-depth investigation into the situation.
The statement reads, in part:
"The investigation found that encryption was off and malware was installed on some devices in some U.S. stores at varying times during the period from April 3, 2017 to November 18, 2017. In some stores, this scenario occurred for only a few days or several weeks, and in some stores this scenario occurred for most or all of the timeframe. Each Forever 21 store has multiple POS devices, and in most instances only one or a few of the POS devices were involved. Additionally, Forever 21 stores have a device that keeps a log of completed payment card transaction authorizations. When encryption was off, payment card data was being stored in this log. In a group of stores that were involved in this incident, malware was installed on the log devices that was capable of finding payment card data from the logs, so if encryption was off on a POS device prior to April 3, 2017 and that data was still present in the log file at one of these stores, the malware could have found that data."
Find the entire statement HERE
Purchases made on their website were not affected.
Customers can visit forever21.com/protectingourcustomers or call 855.560.4992 Monday through Friday between the hours of 8:00 a.m. to 6:00 p.m. P.S.T if they have questions.