Clothing retailer Forever 21 has disclosed that hackers gained access to credit card information of customers who shopped on nine dates between 2004 and 2007 and of customers who shopped at the merchant’s Fresno, Calif. outlet between Nov. 26, 2003 and Oct. 24, 2005.
What type of personal information? Credit and debit card numbers, in some cases expiration dates and other card details.
How many victims? 98,930 accounts.
What happened? On Aug. 5, the U.S. Secret Service notified Forever 21 that it was one of 12 retailers whose systems were compromised by a gang of hackers recently indicted. The retailer then conducted a forensic exam to confirm the data heist.
What was the response? Forever 21 sent notification letters to affected customers and contacted the three major credit reporting bureaus.
Details: The shoppers affected made purchases on five dates in 2004 and four dates in August 2007. Forever 21 says it has been in compliance with the Payment Card Industry Data Security Standard since 2007. After the company was informed of this breach, it said it implemented additional security measures.
Source: PR Newswire, MarketWatch, “Forever 21 Provides Notice to Customers Regarding Security Breach Incident,” Sept. 12.