Forever 21 investigates malware attacks in stores

The US clothing retailer, Forever 21 has revealed that the credit card information of some of its customers was obtained by hackers following a data breach that was discovered in November. 

The company informed its customers that a data breach had been discovered after it received a warning from a third-party supplier regarding vulnerabilities in its point-of-sale (PoS) devices.  Forever 21 then hired a cyberforensics firm to investigate the incident more thoroughly. 

The retailer has now received the results of the investigation, revealing that some PoS devices used in customer purchases were not “always on” which gave hackers a window to install malware that was able to access its network. 

The malware was able to search for payment tracking data and steal information from customers including credit card numbers, expiration dates, internal verification codes as well as some cardholder names. 

According to the investigation, the malware operated in some outlets from April 3rd 2017 until November 18th 2017. 

Forever 21 offered more details on the data breach in a statement, saying: 

“In some stores, this scenario occurred for only a few days or several weeks, and in some stores, this scenario occurred for most or all of the timeframe.  Each Forever 21 store has multiple PoS devices, and in most instances, only one or a few of the PoS devices were involved.” 

The hackers were also able to gain access to the company's log system (when encryption was not in use) which keeps track of accepted transactions and authorisations.   

The extent of the data breach is still unknown at this time and it is unclear how many stores and customers were affected though Forever 21 is currently working with cybersecurity professionals and PoS device suppliers to improve its security going forward. 

Image Credit: Andriano.cz / Shutterstock