Forever 21, the popular clothing retailer, recently revealed to its customers that hackers had breached the store's security systems and had been compiling “credit card numbers, expiration dates, verification codes and sometimes cardholder names,” from April 3rd to November 18th, 2017. It's unknown how many people the breach affected.
It turns out that Forever 21 had their encryption turned off in a key system that logged credit card information when sales were made. While the encryption wasn't functioning, malware was able to install itself and transmit the data back to hackers.
We regret this incident occurred and any concern this may have caused you.
This is far from the first time hackers have breached a security system and made off with innocent people's information. The number of people who have been affected is astonishing: Equifax's breach lost the information of 145 million individuals, Uber's lost 57 million, and Yahoo admitted that, in 2013, the information in all 3 billion of their accounts had been taken. Just earlier this year, GameStop and Chipotle were also affected.
It turns out finding the criminals behind such attacks is fairly easy. They often take their stolen data and sell it on the "deep web." The hard part is prosecution - the cybercriminals are often located overseas. U.S. Attorney Norman Barbosa commented to CNN Money:
It’s somewhat common to identify them. It’s a little more difficult to prosecute them. Much of the investigations in computer crimes are focused on trying to pull back layers to find out who is behind the criminal activity.
Forever 21 first made customers aware of a possible problem on November 14th in a brief statement which claimed there may be "unauthorized access to data from payment cards." The company is working to ensure this doesn't happen again:
Because of the encryption and tokenization solutions that FOREVER 21 implemented in 2015, it appears that only certain point of sale devices in some FOREVER 21 stores were affected when the encryption on those devices was not in operation.
We will continue to work to address this matter.