The California Office of the Attorney General reported a data breach incident involving Forever 21, Inc. on June 22, 2018. The breach involved unauthorized access to the email accounts of two employees of the third-party insurance broker, Willis Towers Watson, between February 15, 2018 and March 23, 2018, potentially exposing claim-related information of affected individuals.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-137352
TPRM report: https://www.rankiteo.com/company/forever-21
"id": "for202072725",
"linkid": "forever-21",
"type": "Breach",
"date": "2/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Fashion',
'name': 'Forever 21, Inc.',
'type': 'Retail'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'type_of_data_compromised': 'Claim-related information'},
'date_detected': '2018-06-22',
'date_publicly_disclosed': '2018-06-22',
'description': 'The California Office of the Attorney General reported a data '
'breach incident involving Forever 21, Inc. on June 22, 2018. '
'The breach involved unauthorized access to the email accounts '
'of two employees of the third-party insurance broker, Willis '
'Towers Watson, between February 15, 2018 and March 23, 2018, '
'potentially exposing claim-related information of affected '
'individuals.',
'impact': {'data_compromised': 'Claim-related information'},
'initial_access_broker': {'entry_point': 'Email Account Compromise'},
'references': [{'date_accessed': '2018-06-22',
'source': 'California Office of the Attorney General'}],
'title': 'Data Breach at Forever 21, Inc.',
'type': 'Data Breach',
'vulnerability_exploited': 'Email Account Compromise'}