View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. News
  2. Company news
January 4, 2018

Forever 21 confirms payment card breach by POS malware in US

Fashion retailer Forever 21 has confirmed and provided additional details on the payment card security breach that occurred at some of its US stores in November 2017.

An investigation carried out by the firm revealed that the encryption technology on some point-of-sale (POS) devices was not always on at certain stores.

The firm has also found some POS devices with signs of unauthorised network access and installation of malware, which was designed to search for track data read from a payment card on the devices.

The malware found card number, expiration date and internal verification code in majority of instances, while cardholder name was found occasionally, the fashion retailer said.

The malware was also installed on a log device that was used to store payment card data, when the encryption was off.

Currently, the firm is working with its payment processors, POS device provider and third-party experts to resolve the encryption issues on the POS devices at all its stores.

Forever 21 has also collaborated with security firms to boost the security measures.

While the firm has other payment processing systems in international markets, investigation is being carried out to verify if those devices were also affected.

Topics in this article: , ,
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. A weekly roundup of the latest news and analysis, sent every Wednesday.
I consent to GlobalData UK Limited collecting my details provided via this form in accordance with the Privacy Policy


Thank you for subscribing to Electronic Payments International