Forever 21 Inc. announced Tuesday that an investigation is underway into a report from a “third party” that suggested there may have been unauthorized access to data from payment cards used at some of its stores.
Forever 21 Says “Only Certain Point-Of-Sale Devices… Were Affected”
“Forever 21 immediately began an investigation of its payment card systems and engaged a leading security and forensics firm to assist,” according to a statement issued by the Los Angeles-based retailer of women’s, men’s and children’s clothing and accessories.
“Because of the encryption and tokenization solutions that Forever 21 implemented in 2015, it appears that only certain point-of-sale devices in some Forever 21 stores were affected when the encryption on those devices was not operating,” the statement says.
The company said its investigation is focused on card transactions in Forever 21 stores from March through October.
“The Investigation Is Continuing”
“Because the investigation is continuing, complete findings are not available, and it is too early to provide further details on the investigation,” the statement says. “Forever 21 expects to provide an additional notice as it gets further clarity on the specific stores and timeframes that may have been involved.”
Forever 21 operates more than 815 stores in 57 countries, with retailers in the United States, Australia, Brazil, Canada, China, France, Germany, Hong Kong, India, Israel, Japan, Korea, Latin America, Mexico, the Philippines and the United Kingdom.
Advice For Affected Customers
Company officials said if customers see an unauthorized charge, they should immediately notify the bank that issued the card. Payment card network rules generally state that cardholders are not responsible for such charges.
For more information, customers were advised to visit www.forever21.com/protecting–our–customers.