Get in touch now on

+61 7 3480 5121

Forever 21 Says PoS Systems Exposed Customer Data for 8 Months
02 January, 2018
This post was originally published on this site

Fashion retailer Forever 21 confirmed a breach made public in November resulted in the theft of credit card data belonging to an undisclosed number of customers.

The company had stated that a lack of encryption used on some of its point-of-sales payment terminals could have resulted in unauthorized access to payment card data. In its most recent update, issued last week, Forever 21 now states effected PoS terminals allowed hackers to install malicious software for nearly eight months in 2017.

“The investigation found that encryption was off and malware was installed on some devices in some U.S. stores at varying times during the period from April 3, 2017 to November 18, 2017,” the company said in a recently released statement.  “In some stores, this scenario occurred for only a few days or several weeks, and in some stores this scenario occurred for most or all of the timeframe.”

The company said each of its Forever 21 retail outlets uses multiple PoS terminals, but at some stores a number of devices did not have encryption enabled. It said hackers targeted those few stores and the vulnerable PoS devices that kept logs of completed payment transaction authorizations.

“In a group of stores that were involved in this incident, malware was installed on the log devices that was capable of finding payment card data from the logs,” the company said.

Malware on affected PoS devices searched only for track data read from payment cards as they were routed through the POS device, the company said. “In most instances, the malware only found track data that did not have cardholder name – only card number, expiration date, and internal verification code – but occasionally the cardholder name was found.”

Still unknown is how many of Forever 21’s customers were effected that shopped at one

read more ...

What our
Clients say

Product Finder

Search for products that match of these criteria:

 + Add row
System Diagnostic

  • Do you have five or more computers?
  • Do you have a server?
  • Is your data critical to your business?
  • Do you think IT could perform better?
  • Are you concerned about your IT security?
  • Do you need to be kept up to date?
  • Would you like your IT maintained?
Product Finder

Search for products that match of these criteria:

 + Add row



Phone:07 3480 5121

Address: 8 - 37 Flinders Parade, North Lakes

QLD 4509 Australia

Post: PO Box 128, Burpengary

QLD 4505 Australia