Criminals hacked point-of-sale terminals of Forever 21

by Lucia Danes - - 2018-01-02

Hackers broke into Forever 21's servers and stole customers' data

Forever 21 hack led to stolen customers' data The famous Forever 21 retailer confirms that its payment servers were hacked and customers' credit card details might be at risk. In the official press release, the shop claims that only specific devices in some of the Forever 21 shops were affected^[1]. However, people who have used their services from March 2017 to October 2017 should be concerned.

According to the analysts, the hackers managed to get such credit card details as numbers, confirmation codes, expiration dates, and in some cases the name of the cardholder^[2]. This data breach could lead to significant financial losses to many Forever21 customers.

However, Forever 21 says the following in their official report^[3]:

We regret that this incident occurred and apologize for any inconvenience. We will continue to work to address this matter.

Malicious software was installed on sales terminals across the shops

Shortly after being notified about the potential hacker attack, Forever 21 hired leading payment technology and security firms to investigate. They have found that encryption technology the retailer used was not always working on certain point-of-sale (POS) devices^[4]:

The investigation determined that the encryption technology on some point-of-sale (POS) devices at some stores was not always on. The investigation also found signs of unauthorized network access and installation of malware on some POS devices designed to search for payment card data.

Even though there are multiple POS devices across Forever21 shops, some of them might be infected including a log device which stores the data of completed payment card transaction authorizations^[5]. If the malware was present on the device and the encryption was off, it could have recorded that data.

Forever 21 has taken the corresponding measures to deal with the attack:

Forever 21 has been working with its payment processors, POS device provider, and third-party experts to address the operation of encryption on the POS devices in all Forever 21 stores.

Tips to protect your data

If you have any doubts about your security, experts recommend you to monitor the activity of your bank account carefully and identify any unauthorized transactions:

It is always advisable for customers to closely monitor their payment card statements. If customers see an unauthorized charge, they should immediately notify the bank that issued the card. Payment card network rules generally state that cardholders are not responsible for such charges.

Note that those who have used the online Forever21 shop should not be concerned. The malware hasn't affected an e-shop system.

About the author

Lucia Danes - Virus researcher

Lucia is a News Editor for 2spyware. She has a long experience working in malware and technology fields.

Contact Lucia Danes
About the company Esolutions

References

^ Notice of Payment Card Security Incident. Forever21. Shop Forever 21 for the latest trends and the best deals.
^ Duncan Riley. Forever 21 confirms credit card details were stolen in hack of its sales network. SiliconANGLE. IT News.
^ Tom McKay. Hackers Broke Into Forever 21's Payment System For Over Half of 2017. Gizmodo. We come from the future.
^ Laura Hautala. Forever 21. Yes, hackers breached our payment system. CNET. Product reviews, how-tos, deals and the latest tech new.
^ Forever 21 Reports Findings from Investigation of Payment Card Security Incident. Forever21. Shop Forever 21 for the latest trends and the best deals.