Los Angeles-based fashion retailer Forever 21 informed customers on Tuesday that it has launched an investigation into a security incident involving payment systems.
The company said it recently learned from a third-party that credit and debit cards used at certain Forever 21 stores may have been compromised.
An investigation has been launched and a cybersecurity and forensics firm has been called in to assist. Forever 21 has provided few details about the incident, but noted that its investigation focuses on transactions made between March and October 2017.
The company has promised to share more information, including the list of affected stores and timeframes, in the upcoming period. It did, however, highlight that security mechanisms implemented in many of its stores made stealing payment card information difficult.
“Because of the encryption and tokenization solutions that Forever 21 implemented in 2015, it appears that only certain point of sale devices in some Forever 21 stores were affected when the encryption on those devices was not in operation,” the company said in a statement.
In the meantime, the company has advised customers to keep a close eye on credit card statements and immediately notify their bank of any unauthorized charges.
Forever 21 operates over 800 stores in 57 countries around the world. The company is the 5th largest specialty retailer in the United States.
“With its endless POS endpoints, the retail industry has always been a desirable target for cybercriminals,” said Mark Cline, a VP at managed security services firm Netsurion. “They know that if they can introduce malware into POS networks, they can make a decent amount of cash by selling credit card numbers on the dark web. With their millions of customers, large retailers, like Forever 21, have typically been the hardest hit. Companies must pay up to $172 per stolen record in clean-up costs.”
“If retail businesses haven’t hardened their IT and POS security, they should start now to protect themselves from POS malware, ransomware and other threats—especially as we move into the holiday shopping season,” Cline added. “They may be running anti-virus software and managed firewalls, but they may or may not be running a strong offense with active monitoring and threat detection.”
Forever 21 is not the only clothing retailer to report a payment card breach this year. Brooks Brothers and Buckle also reported finding malware on their payment systems. Eddie Bauer informed customers of a cyber intrusion last year.
Related: Kmart Payment Systems Infected With Malware
Related: Home Depot to Pay Banks $25 Million for 2014 Breach

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
- Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
- US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware
- Hive Ransomware Operation Shut Down by Law Enforcement
- UK Gov Warns of Phishing Attacks Launched by Iranian, Russian Cyberspies
- Dozens of Cybersecurity Companies Announced Layoffs in Past Year
Latest News
- Sentra Raises $30 Million for DSPM Technology
- Cyber Insights 2023: Cyberinsurance
- Cyber Insights 2023: Attack Surface Management
- Cyber Insights 2023: Artificial Intelligence
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- Guardz Emerges From Stealth Mode With $10 Million in Funding
- How the Atomized Network Changed Enterprise Protection
- Critical QNAP Vulnerability Leads to Code Injection
