Forever 21 data breach sees thousands of victims affected

Hackers stole data on current and former Forever 21employees

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Employees of Forever 21, both current and former, have had personal data stolen in a cyberattack that the company suffered earlier this year, the company has confirmed.

Forever 21 confirmed unnamed threat actors were occasionally able to infiltrate the company’s infrastructure and steal sensitive data from itsendpointsbetween early January and late March 2023.

During this time, the hackers stole people’s full names, Social Security Numbers, birth dates, bank account numbers, and their Health Plan information.

No customers affected

In a statement given toBleepingComputer, the company’s spokesperson confirmed that the customers were not affected by the breach. Forever 21 operates 540 outlets all over the world, employing more than 40,000 people.

Citrix servers hacked using zero-day exploit>Hackers are targeting US critical infrastructure using this Citrix zero-day>These are the best privacy tools around

The company filed a breach notice with the Office of the Maine Attorney General earlier this month, the publication stated, in which it said that it engaged with the attackers to ensure the stolen data doesn’t get leaked online. This usually happens in cases of ransomware attacks. However, no ransomware attack against Forever 21 has been confirmed. It is also worth mentioning that lately, ransomware attackers started refraining from deploying the encryptor, as it is too expensive and cumbersome to develop, maintain, and deploy. Instead, some are opting just for data theft, which might have been the case here.

If Forever 21 did pay any ransom, the amount is unknown. The stolen data doesn’t seem to have been posted anywhere.

In any case, caution is advised. The company will enroll affected individuals in fraud andidentity theft protectionservices for a year, free of charge. Those who believe they might be affected by this incident should be careful when receiving emails and other forms of communication, especially if the sender appears to be Forever 21.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Your doctor may have an AI assistant taking notes during your next Zoom call