Thumbnail for 519013

Forever 21 confirms computer breach at some stores

By in Press Enterprise on December 29, 2017

By City News Service

LOS ANGELES >> Forever 21 Inc. announced Thursday that a two-month investigation confirmed unauthorized access to the clothing company’s computer network through malware installed on point-of-sale devices at some of its U.S. stores.

Los Angeles-based Forever 21 said in a statement the malware was able to detect data from a payment card as it was being routed through the devices, also called POS devices.

In most of those instances, the malware only found data that did not have a cardholder’s name to go along with the card number, expiration date and internal verification code illegally lifted from the POS devices, but occasionally the cardholder name also was stolen, the company said.

The investigation found that successful malware invasions often resulted when POS devices at some Forever 21 stores in the U.S. were turned off at varying times from April 3 to Nov. 18, the company said.

In some stores, this scenario occurred for only a few days or several weeks, but in some stores the scenario occurred for most or all of the timeframe.

Each Forever 21 store has multiple POS devices, and in most instances only one or a few of the POS devices were involved, officials said.

Additionally, a device that keeps a log of completed payment card transaction authorizations was vulnerable to malware hacking when encryption was off, allowing access to payment card data was being stored in this log

“In a group of stores that were involved in this incident, malware was installed on the log devices that was capable of finding payment card data from the logs, so if encryption was off on a POS device prior to April 3, 2017 and that data was still present in the log file at one of these stores, the malware could have found that data,” the company said.

“Because of the encryption … solutions that […]    

Leave a Reply

Your email address will not be published. Required fields are marked *