AOH :: IS1133.HTM

US retailer Forever 21 hit by payment card breach

US retailer Forever 21 hit by payment card breach
US retailer Forever 21 hit by payment card breach


http://www.theregister.co.uk/2008/09/17/forever_21_breach/ 

By Dan Goodin in San Francisco
The Register
17th September 2008

Almost 99,000 payment cards used by people shopping at Forever 21 stores 
may have been lifted over a four-year period by people linked to the 
heist of 45.6 million payment cards from customers from stores owned by 
TJX Companies.

On Friday, the company issued a statement on its website that said it 
learned of the theft from law enforcement officials more than a month 
earlier. The theft took place on nine specific dates from March 2004 to 
August of last year as part of crimes alleged in an August 5 indictment 
charging 11 individuals of engaging in wholesale credit card theft 
against stores owned by TJX and others.

The compromised data included card numbers and expiration dates in 
addition to other information that Forever 21 didn't disclose. Forever 
21 offered no details about how its system was breached, but based on 
the indictment, a safe bet is through weak wireless security mechanisms 
used at various retail store locations.

People at Forever 21 have made it impossible to link to the statement. 
The only way to read it is to visit the home page and click on the 
"important customer notice" link at the bottom.


__________________________________________________      
Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
http://conference.hackinthebox.org/hitbsecconf2008kl/

Site design & layout copyright © 1986- CodeGods