Over 500K affected by Forever 21 data breach

SC StaffSeptember 1, 2023

Multinational fast fashion retailer Forever 21 disclosed that data from 539,207 individuals had been compromised in a three-month breach that began in January, TechCrunch reports. Attackers infiltrated Forever 21's systems and exfiltrated customers' names, birthdates, Social Security numbers, and bank account numbers. Moreover, both current and former employees also had their health plan details accessed in addition to personally identifiable information, according to the notice filed with the Maine Attorney General's Office. "Forever 21 has taken steps to help assure that the unauthorized third party no longer has access to the data," said the company, which has neither provided more details regarding the incident nor the measures it implemented to prevent further compromise. Such an incident comes after the fast fashion retailer experienced a major data breach six years ago that involved widespread credit card number theft from its store point-of-sale machines.

SC Staff

Ransomware

MOVEit hack impacts Ontario child registry data

SC StaffSeptember 27, 2023

Ontario's perinatal, newborn, and child registry Better Outcomes Registry & Network had sensitive data from nearly 3.4 million individuals compromised in late May as a result of the widespread MOVEit hack conducted by the Cl0p ransomware operation, reports BleepingComputer.

Cloud Security

Cyberattack compromises Progressive Leasing data

SC StaffSeptember 26, 2023

Major U.S. consumer product leasing firm Progressive Leasing has disclosed that some of its systems have been impacted by a cyberattack that resulted in the significant compromise of personally identifiable information belonging to its customers and other individuals, according to The Record, a news site by cybersecurity firm Recorded Future.

Incident Response

T-Mobile refutes employee data breach

SC StaffSeptember 25, 2023

T-Mobile has denied being impacted by a cyberattack in April that compromised employee information after VX-Underground reported that it had been notified by threat actors of the attack, which occurred immediately after the telecommunications provider was breached in March, according to The Record, a news site by cybersecurity firm Recorded Future.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news