Skip to main content
close search
site logo
Dive Brief

Forever 21 confirms POS breach captured customer card data

Published Jan. 3, 2018
By
Contributor
Forever 21 press release

Dive Brief:

  • Forever 21's follow-up investigation of a data breach discovered in November has confirmed that malware was installed on some point-of-sale devices, and that some amount of personal payment card data was compromised, according to a statement posted on the retailer's web site.

  • The statement read, in part: "The malware searched only for track data read from a payment card as it was being routed through the POS device. In most instances, the malware only found track data that did not have cardholder name — only card number, expiration date, and internal verification code – but occasionally the cardholder name was found."

  • The retailer did not specify the number of stores or POS devices that were affected during the seven-month period during which the breach was ongoing, but added that the breach and malware installation occurred at stores where the POS device encryption was turned off for some period of time — a few days or weeks in the case of some stores, the entire seven-month timeframe in the case of others.

Dive Insight:

The statement issued by Forever 21 more or less confirmed what little we already knew about the data breach that the company revealed back in November — that some customer payment card data was likely shared with whatever party planted the malware.

Beyond that, Forever 21 either still doesn't know or still isn't sharing a lot of details. For one thing, it's not clear how many stores or devices were infected with the malware, nor how many customers were affected. While the breach could have been worse — not all card data was shared in every case where track data was compromised — without knowing more about how many cards were affected, it's hard to put that in perspective.

The state of affairs that led to the malware being installed still seems rather murky. There hasn't been a clear reason given for why the encryption was turned off for apparently varying amounts of time at some stores, who was at fault for letting this happen, or whether or not it was intentional.

Forever 21's issuing of a follow-up statement is interesting in itself, though, as many retailers aren't willing to do that. Companies tend to admit a breach only when information from third parties has forced them to do so, usually issuing vague but well-meaning statements, and unless the breach was particularly huge, we don't often hear of it again. That could actually work in Forever 21's favor — millennials, in particular, prefer to buy from brands they feel they can trust, with 47% expressing a desire for brands to take ownership of their mistakes and take the consumer’s feedback into account.

The discovery of the data breach was tough timing for Forever 21, coming right before the holiday shopping season kicked in, but it's not clear yet how much the breach has affected Forever's 21's bottom line in the most recent quarter, and despite the update in the investigation, there is much more to learn about the incident.

Recommended Reading

Filed Under: Operations, Technology

Editors' picks

Company Announcements

View all | Post a press release
New Interface Report Reveals Top Security Risks for U.S. Retail Chains
From Interface Systems
November 19, 2024
Guinness is the top beer among high earners: YouGov report
From YouGov America
November 19, 2024
Argon & Co Welcomes New Senior Executive to Lead North American Retail Practice
From Argon & Co
November 13, 2024
Importance of Investing in Innovative Technologies in Retail Highlighted in Gartner Report
From AutoStore
November 01, 2024
Editors' picks
Latest in Operations
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell