Forever 21 discloses data breach: 500K+ affected


The renowned clothing brand, Forever 21, has disclosed a data breach affecting over half a million of its current and former employees.

ADVERTISEMENT

Forever 21 encountered what it termed a cyber incident that impacted a “limited number” of its systems on March 20, 2023. The investigation unveiled that an unauthorized third party accessed files from specific systems between January 5, 2023, and March 21, 2023.

“We have no evidence to suggest your information has been misused for purposes of fraud or identity theft as a result of this incident – and no reason to believe that it will be. Forever 21 has taken steps to help assure that the unauthorized third party no longer has access to the data,” the company said.

It also believes that the third party hasn’t copied, retained, or shared any of the data, and therefore, the risk to individuals is low. According to the data breach notice with the Maine Attorney General’s Office, the incident might have impacted 539,207 people. The compromised data included:

  • Name
  • Social Security number
  • Date of birth
  • Bank account number (without access codes or PINs)
  • Information regarding health plans
ADVERTISEMENT

Forever 21 has hundreds of locations and approximately 50,000 employees. This is not the first time the brand has reported a security incident. In 2017, it was hit by a credit card data breach due to encryption failure.

Correction. The article previously stated the breach affected over 500,000 of the company's customers when, according to its representative, the breach affects over 500,000 of its current and former employees.