500k Employees’ Data Exposed in Forever 21 Breach
Clothing retailer Forever 21 disclosed a data breach that has affected the personal information of over 500,000 individuals. The breach came to light when Forever 21 detected a cyberattack on March 20th, 2023, prompting an immediate investigation. The findings revealed that hackers had intermittently gained access to the company's systems between January 5th, 2023, and March 21st, 2023, allowing them to pilfer sensitive data.
In a notice filed with Maine’s attorney general, the company stated that 539,207 people were affected by the breach. The data encompassed a range of personal information, including full names, Social Security Numbers, birthdates, bank account numbers, and details related to Forever 21's Health Plan. This comprehensive data can be leveraged by cybercriminals for various malicious purposes, including identity theft and financial fraud.
The breach exclusively affected current and former Forever 21 employees, and the company was quick to clarify to BleepingComputer that customer data remained unaffected. Forever 21 operates a vast network of 540 outlets worldwide and employs approximately 43,000 people.
Forever 21 has asserted that they've taken steps to ensure the deletion of the stolen data, suggesting possible communication with the hacker and a possible ransom payment. However, there has been no official confirmation regarding whether this incident was a ransomware attack. Furthermore, Forever 21 stated that they have no indication that the stolen data has been shared with other cybercriminals.
To assist those impacted by the breach, the company has promised to offer access to a 12-month fraud and identity theft protection service free of charge. This can help those affected mitigate the potential risks arising from the exposure of their sensitive personal data.
Forever 21 has had its share of data breach incidents in the past. In November 2017, customers were notified of a breach involving its payment system, in which card data from transactions made between March and October 2017 was compromised.
This incident serves as a reminder of the evolving and persistent nature of cyber threats. Companies of all sizes and industries must remain vigilant and invest in robust cybersecurity measures to protect their systems and data.