The company didn't specify how many customers had information stolen, but said various point of sales terminals were affected between April 3 and November 18, 2017. Hackers collected credit card numbers, expiration dates, verification codes and sometimes cardholder names.
In its notification to customers, Forever 21 said hackers installed malicious software on some point of sales terminals in stores throughout the country. It's an update to a November 14 announcement saying the company may have been targeted by hackers. The breach is another example of how cybercriminals are targeting major retailers by hacking the systems that process your credit and debit cards, despite companies' efforts to make that harder to do. Fast food chain Chipotle was hit by a similar hack in 2017, as was video game retailer GameStop.
Companies have technologies in place to foil hackers, but they don't always work. Forever 21 said its point of sales terminals, which cashiers use to swipe customers' cards, are supposed to be encrypted. That means anyone intercepting the information would be unable to read it. But sometimes, that encryption was turned off, Forever 21 said in its notification.
The result: hackers who'd infected the machines with their tools could collect credit card numbers, expiration dates and internal verification codes. At times, they could also collect the customer's name, Forever 21 said in its notification.
In its notification to customers, Forever 21 said hackers installed malicious software on some point of sales terminals in stores throughout the country. It's an update to a November 14 announcement saying the company may have been targeted by hackers. The breach is another example of how cybercriminals are targeting major retailers by hacking the systems that process your credit and debit cards, despite companies' efforts to make that harder to do. Fast food chain Chipotle was hit by a similar hack in 2017, as was video game retailer GameStop.
Companies have technologies in place to foil hackers, but they don't always work. Forever 21 said its point of sales terminals, which cashiers use to swipe customers' cards, are supposed to be encrypted. That means anyone intercepting the information would be unable to read it. But sometimes, that encryption was turned off, Forever 21 said in its notification.
The result: hackers who'd infected the machines with their tools could collect credit card numbers, expiration dates and internal verification codes. At times, they could also collect the customer's name, Forever 21 said in its notification.