Another major retailer was breached last year as Forever 21 has now confirmed that point of sale terminals at various stores across the country were breached for the most part of 2017. This resulted in the credit card information of countless customers being leaked. Forever 21 hasn’t said precisely how many customers have been affected by this.
Forever 21 has confirmed that many of its point of sale terminals at retail stores across the United States were breached between April 3rd and November 18th, 2017. It’s unclear at this point in time who is behind this.
The retail chain has also confirmed that in most cases, the breach compromised card numbers, expiration dates, and verification codes but not cardholder names. It also adds that in some cases, the hackers were also able to obtain cardholder names. In other cases, credit card data that was stored in system logs before April 3rd was also compromised.
Forever 21 uses encryption to protect its payment processing system but it turns out that in some stores the encryption was disabled sometimes. This left the point of sale terminals vulnerable to malware. During the full period of this breach, not every terminal in every store was affected and not every store was impacted.
Forever 21 is now investigating if stores outside the United States have been affected as well. The malware didn’t impact purchases made through its website. It’s now working with security firms to improve its security measures.