Forever 21 has disclosed a serious data breach that occurred earlier this year and affected over 500,000 people.
A data breach notification sent to the attorney general of Maine claims that the incident happened during three months beginning in January 2023. The retail giant reported that hackers broke into the company's networks during this period. The cyberattackers gained access to files holding delicate personal data belonging to Forever 21 customers and workers.
The Forever 21 data breach compromised names, dates of birth, bank account numbers, Social Security numbers, and health plan enrollment and premium payment information. Forever 21 contacted 539,207 people whose sensitive data was compromised as soon as it became aware of the cyberattack, according to a Tech Crunch report.
Forever 21 Says the Situation is Under Control
Forever 21 claimed that it had taken actions to ensure the third-party responsible for the breach no longer had access to the stolen data, according to Security Week. However, this claim of confidence still needs to be determined, as it is unclear whether the company paid the hacker in exchange for the security of the compromised sensitive data.
The multinational fashion retailer highlighted that, despite the incident, it had not discovered proof that the stolen data was used for fraud or identity theft. However, since hackers often utilize such data for phishing attempts and other dangerous actions, the stolen information poses a severe risk.
Read Also: Artists Challenge AI Image-Generators in Lawsuit Over Unauthorized Use of Work
Security awareness expert Erich Kron of the cybersecurity company KnowBe4 emphasized the seriousness of the issue for individuals impacted by the incident. He pointed out that extremely sensitive information from the hacked databases makes both current and past workers susceptible to identity theft and focused phishing attacks.
Although there have not been any confirmed cases of identity theft related to the Forever 21 data breach, according to Kron, the stolen data may still be sold on the dark web. "Information such as a social security number does not expire and can be useful for attackers for decades," the cybersecurity expert said, as quoted by Chain Store Age in its report.
How Will It Impact the Company?
Some anticipate that the Forever 21 data breach will jeopardize a partnership. Forever 21 and retail juggernaut Shein announced a collaboration last week, intending to reach each other's consumer bases. As part of this partnership, Shein also acquired a sizable share in Sparc Group, the company in charge of Forever 21. However, the data breach's effects on this collaboration are yet unknown.
Forever 21 has more than 572 retail locations worldwide and is headquartered in Los Angeles. The retail company also has a solid online presence.
Related Article: Hacker Group Anonymous Sudan Takes X Offline to Push for Starlink Launch
