Forever 21 implemented encryption and tokenization in 2015, but it appears the security measures were not implemented at some point-of-sale machines. On Tuesday Forever 21 was notified by a third-party that there “may have been unauthorized access to data from payment cards” between March 2017 and October 2017.
Since notification, Forever 21 has hired an unnamed forensic team to conduct an investigation. Not much is known about the extent of the breach because it is “too early” in the investigation to release much information, but more information will be released as the investigation progresses.
Customers are advised to check their card statements frequently, and customers that see suspicious activity on their card should contact their bank immediately.
The company’s customer number service is 888-494-3837.
*A previous version said that the security measures were not working correctly.