Forever 21 Breach Lasted Over Seven Months

2 January 2018

Encryption was not turned on at some of the point of sale (POS) devices used in Forever 21 stores, exposing customers card data to info-stealing malware last year, the firm has revealed.

In an update to November revelations of a major data breach, the fashion retailer claimed that an investigation had found signs of “unauthorized network access and installation of malware on some POS devices designed to search for payment card data.”

“The malware searched only for track data read from a payment card as it was being routed through the POS device,” it added. “In most instances, the malware only found track data that did not have cardholder name — only card number, expiration date, and internal verification code — but occasionally the cardholder name was found.”

Read full news article on Infosecurity

Date:

2 January 2018

Categorie(s):

NEWS

Tag(s):

Breach, Forever 21

The Importance of Team Culture in Startups – Brian Carbaugh – FS #415 November 2024
Data breach exposes 122M records from DemandScience following initial denials15 November 2024
Bitsight acquires threat intelligence provider Cybersixgill for $115M15 November 2024
Using Machine Learning to Prevent Fraud in E-Commerce Transactions14 November 2024
122 million people’s business contact info leaked by data broker14 November 2024