Forever 21 data breach exposes personal info of 500K+ individuals. The global fashion giant is making headlines once again, and this time, it’s not about the latest fashion trends but a recent data breach that has left over half a million individuals at risk. In a cyberattack that took place earlier this year, the company’s systems were compromised, leading to the exposure of sensitive personal information.
Let’s delve into the details of this incident, its impact, and the steps taken by Forever 21 to address it.
Forever 21 data breach: Details
With 540 outlets across the world and a workforce of approximately 43,000 employees, Forever 21 is a colossal presence in the fashion industry. However, the company’s stature couldn’t shield it from the prying eyes of cybercriminals. The Forever 21 data breach, which occurred between January and March of this year, was only detected on March 20, 2023, when the company realized that hackers had gained intermittent access to its systems. Meanwhile, the total number of persons affected (including residents) has already reached 539207.
In a data breach notice shared with the Office of the Maine Attorney General, Forever 21 revealed that an “unauthorized third party” had infiltrated their systems during this period and obtained select files. The potentially exposed data includes:
- Full names,
- Social Security Numbers (SSNs),
- Dates of birth,
- Bank account numbers and even information related to Forever 21’s health plan.
However, the company’s statement clarified that the breach primarily affected current and former employees and did not compromise the personal data of Forever 21’s customers. This crucial distinction alleviates concerns for shoppers who might have feared their information was at risk.
One intriguing aspect of this breach is Forever 21’s assertion that they have taken steps to ensure the stolen data has been erased. While not confirmed, this suggests the possibility of a negotiation with the hackers, often seen in ransomware attacks. However, it’s important to note that no confirmation of a ransomware attack has been provided.
The company also stated that there’s no indication the stolen data has been shared with other cybercriminals, which lowers the overall risk for those affected. Nevertheless, to safeguard the impacted individuals, Forever 21 has offered a free 12-month fraud and identity theft protection service, which is a commendable effort in mitigating potential harm.
It is not the first time that Forever 21 has danced with cyber criminals
This isn’t the first time Forever 21 has faced such a situation. In November 2017, the company had to notify its customers of a data breach affecting its payment system. Card data from transactions made between March and October 2017 was compromised during that incident.
In conclusion, while the Forever 21 data breach is undoubtedly concerning, the company’s swift response and commitment to protecting those affected demonstrate their dedication to customer and employee well-being.
As the world becomes increasingly digital, incidents like these serve as stark reminders of the importance of cybersecurity in our interconnected lives. Forever 21 is working diligently to ensure the fashion shopping experience remains safe and secure for its valued customers and employees.
Featured image credit: Marcus Urbenz/Unsplash