Forever 21 Breach Lasted Over Seven Months

Encryption was not turned on at some of the point of sale (POS) devices used in Forever 21 stores, exposing customers card data to info-stealing malware last year, the firm has revealed. In an update to November revelations of a major data breach, the fashion retailer claimed that an investigation had found signs of “unauthorized network access and installation of malware on some POS devices designed to search for payment card data.” “The malware searched only for track data read from a payment card as it was being routed through the POS device,” it added. “In most instances, the malware …

Read the source article at Infosecurity Magazine

Leave a Reply

Your email address will not be published. Required fields are marked *