Forever 21 has notified customers of a credit card breach affecting certain stores. Shoppers who used payment cards between March 2017 and October 2017 may be affected.
The clothing retailer learned about the breach from a third-party monitor, which suggested there may have been unauthorized access to customers' payment card data. Forever 21 had implemented encryption and tokenization in 2015; this breach affects point-of-sale devices where the encryption was not operating correctly, the company reports.
A security and forensics firm has been hired to help with the investigation. Because it's still early on, Forever 21 has not confirmed the number of people affected and says it will provide additional information as it learns about specific stores and timeframes. Customers are advised to watch their payment card statements for unauthorized charges.
Read more details here.
Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.