The California Office of the Attorney General reported a data breach involving Forever 21, Inc. on December 28, 2017. The breach occurred from April 3, 2017 to November 18, 2017, and involved unauthorized access to payment card data from certain stores, affecting unspecified numbers of individuals with exposures including card numbers, expiration dates, and internal verification codes.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-131937
TPRM report: https://www.rankiteo.com/company/forever-21
"id": "for356072825",
"linkid": "forever-21",
"type": "Breach",
"date": "4/2017",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Fashion',
'name': 'Forever 21, Inc.',
'type': 'Retail'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'data_exfiltration': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['card numbers',
'expiration dates',
'internal verification codes']},
'date_detected': '2017-11-18',
'date_publicly_disclosed': '2017-12-28',
'description': 'The California Office of the Attorney General reported a data '
'breach involving Forever 21, Inc. on December 28, 2017. The '
'breach occurred from April 3, 2017 to November 18, 2017, and '
'involved unauthorized access to payment card data from '
'certain stores, affecting unspecified numbers of individuals '
'with exposures including card numbers, expiration dates, and '
'internal verification codes.',
'impact': {'data_compromised': ['card numbers',
'expiration dates',
'internal verification codes'],
'payment_information_risk': True},
'references': [{'date_accessed': '2017-12-28',
'source': 'California Office of the Attorney General'}],
'title': 'Forever 21 Data Breach',
'type': 'Data Breach'}