Clothing franchise Forever 21 disclosed a security breach involving credit cards last month, and now the company is back with an update on its investigation. According to the company, it was alerted to a potential security issue by a third-party back in October of this year. That triggered an investigation by the company, which found that some stores’ point-of-sale devices didn’t always utilize encryption.
In addition to encryption issues, the investigation found “signs of unauthorized network access,” as well as malware installed on some store point-of-sale systems. This malware, according to a statement from the company, was used to find payment card info. Details about the malware were given, including that it searched for the track data read by the POS device from the bank card.
“In most instances,” Forever 21 says, “the malware only found track data that did not have cardholder name — only card number, expiration date, and internal verification code — but occasionally the cardholder name was found.”
It appears the malware only hit US stores, not international ones; it was active on the infected devices from April 3 to November 18 of this year, though not all stores were compromised for that entire duration. Most stores only had one or a few devices infected with the malware, the company explains.
However, because of a POS log that tracked card transaction authorizations, Forever 21 says devices that didn’t have encryption turned on were storing the info in the log. Data from prior to April 3 may in some cases have been accessible to the malware via the unencrypted log. The scope of that problem isn’t clear.
Forever 21 customers who believe their info could have been compromised should monitor their accounts for signs of fraud.
SOURCE: Forever 21
Image by Natalitiameom via Wikipedia