Forever 21, a US clothing retailer, revealed that there was a security breach at certain of its locations, resulting in the theft of payment card data.
The company claims that unidentified hackers breach its payment systems and take credit cards that are used at some of its retail locations.
The company acknowledged that, although it was only used at specific points of sale, it had adopted token-based authentication and encryption back in 2015.
Customers are encouraged to keep a close eye on their payment card statements as unauthorised charges are still being investigated.
Source: https://securityaffairs.com/65596/data-breach/forever-21-payment-card-breach.html
TPRM report: https://scoringcyber.rankiteo.com/company/forever-21
"id": "for2314171223",
"linkid": "forever-21",
"type": "Breach",
"date": "11/2017",
"severity": "50",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Clothing',
'location': 'United States',
'name': 'Forever 21',
'type': 'Retailer'}],
'attack_vector': 'Unknown',
'customer_advisories': ['Encouraging customers to monitor their payment card '
'statements'],
'data_breach': {'data_encryption': ['Token-based authentication and '
'encryption'],
'type_of_data_compromised': ['Payment Card Data']},
'description': 'Forever 21, a US clothing retailer, revealed that there was a '
'security breach at certain of its locations, resulting in the '
'theft of payment card data. The company claims that '
'unidentified hackers breach its payment systems and take '
'credit cards that are used at some of its retail locations. '
'The company acknowledged that, although it was only used at '
'specific points of sale, it had adopted token-based '
'authentication and encryption back in 2015. Customers are '
'encouraged to keep a close eye on their payment card '
'statements as unauthorized charges are still being '
'investigated.',
'impact': {'data_compromised': ['Payment Card Data'],
'systems_affected': ['Payment Systems']},
'motivation': 'Financial Gain',
'response': {'communication_strategy': ['Encouraging customers to monitor '
'their payment card statements']},
'threat_actor': 'Unidentified Hackers',
'title': 'Forever 21 Payment Card Data Breach',
'type': 'Data Breach'}