Forever 21 data breach affects half a million people


Share post:

Clothing giant Forever 21 said a data breach earlier in the year affects more than half a million individuals.

A data breach notice filed with Maine’s attorney general said the fashion giant was hacked over a three-month period beginning early January 2023, during which intruders obtained files from its systems. This data included the personal information of current and former employees, said Lorena Terroba Urruchua, a spokesperson for Forever 21 via public relations firm FTI Consulting, in an email to TechCrunch.

According to the notice, Forever 21 notified 539,207 people that the breached data included their name, date of birth, bank account number and Social Security number, as well as information regarding employees’ Forever21 health plan, including enrollment and premiums paid.

Forever 21 did not describe the incident beyond a breach of its systems, but noted that, “Forever 21 has taken steps to help assure that the unauthorized third party no longer has access to the data.” It’s not clear how Forever 21 obtained this claim of assurance. The ambiguous wording of the notice could imply the company paid the hacker in exchange for deleting the data.

It’s not uncommon for ransomware and extortion groups to threaten to publish the data they steal if the victim does not meet a ransom demand, but security experts have long said it’s not possible to trust that a threat actor has deleted the data as claimed.

Forever 21 spokesperson Terroba Urruchua declined to comment further.

Forever 21 has about 500 retail locations and an online store. It’s the second data breach in recent years after a massive theft of credit card numbers from its store point-of-sale machines in 2017.

Last week, retail giant Shein and Forever 21 announced a partnership that would allow both brands to reach each others’ customers, including a deal by Shein to acquire about a third of Forever 21’s operator, Sparc Group. It’s not clear if news of Forever 21’s data breach would affect the partnership.

Corrected to note that only current and former employees affected, not customers.

Source link

Lisa Holden
Lisa Holden
Lisa Holden is a news writer for LinkDaddy News. She writes health, sport, tech, and more. Some of her favorite topics include the latest trends in fitness and wellness, the best ways to use technology to improve your life, and the latest developments in medical research.

Recent posts

Related articles

India’s PhonePe launches app store with zero fee in challenge to Google

PhonePe launched the Indus AppStore Developer Platform on Saturday, promising zero platform fee and no commission on...

How CFOs can reduce SaaS spend by 30% in these tough times

CloudEagle founder and CEO Nidhi Jain has over two decades of leadership experience in companies like ServiceNow,...

LimeLoop’s sleek reusable mailers seek to replace cardboard boxes

The era of e-commerce has brought choice, convenience, and cardboard boxes. Oh, so many cardboard boxes. “Everything goes...

AquaLith might have an answer to the US battery material shortage problem

AquaLith has its eye on a billion-dollar market opportunity: new types of battery cell components that don’t...

Bay Area baby belly beholding Battlefield bounty

Welcome to Startups Weekly. Sign up here to get it in your inbox every Friday. If this newsletter...

Unity U-turns on controversial runtime fee and begs forgiveness

Unity has done a 180 on a controversial new pricing scheme that users of its cross-platform game...

Pitch Deck Teardown: Transcend’s $20M Series B deck

If you’ve ever had to plan a large infrastructure project — like building a new section of...

TechCrunch+ Roundup: Prompt engineering, web3 gaming survey, how to spend $10K on paid ads

Few VCs are experts in machine learning or building deep learning frameworks, but most of them are...