• Home
  • News
  • Retail
  • Forever 21 takes steps after payment card security risk

Forever 21 takes steps after payment card security risk

By Sara Ehlers

Jan 3, 2018


Forever 21, Inc. has discovered more information about the payment card security incident that happened a few months ago. After the mishap on November 14 in 2017, Forever 21 made various changes and took several measures on the matters.

Since 2015, the retail giant used an encryption technology for its payment processing system. The company received a report from a third party in mid-October this past year suggesting that there was some unauthorized activity in regards to payment cards, according to a press release. At the time, Forever 21 hired payment technology and security firms to help assist the situation.

Forever 21 investigates payment card security incident of 2017

The investigation of these situations found that the encryption technology on some point-of-sale (POS) devices were not always on. This meant that there were unauthorized network access and installation of malware on some of these devices that could search payment card data. The investigation found that the encryption was off and malware was installed on devices in certain U.S. stores from the time period of April 3 to November 18. Payment cards used on the brand's website were not affected.

In order to ensure that the payment card security matter doesn't happen again, Forever 21 has been working with its payment processors, POS device provider and third-party experts to address the operation of encryption in all of Forever 21's in-store devices. "We regret this incident occurred and any concern this may have caused," Forever 21 released in a statement. Currently, stores outside of the U.S. have a different payment system, and the fast-fashion company is still investigating these matters.

Photo Source: Forever 21

Forever 21