Fashion retailer Forever 21 has confirmed and provided additional details on the payment card security breach that occurred at some of its US stores in November 2017.
An investigation carried out by the firm revealed that the encryption technology on some point-of-sale (POS) devices was not always on at certain stores.
The firm has also found some POS devices with signs of unauthorised network access and installation of malware, which was designed to search for track data read from a payment card on the devices.
The malware found card number, expiration date and internal verification code in majority of instances, while cardholder name was found occasionally, the fashion retailer said.
The malware was also installed on a log device that was used to store payment card data, when the encryption was off.
Currently, the firm is working with its payment processors, POS device provider and third-party experts to resolve the encryption issues on the POS devices at all its stores.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataForever 21 has also collaborated with security firms to boost the security measures.
While the firm has other payment processing systems in international markets, investigation is being carried out to verify if those devices were also affected.