Forever 21 hack reveals payment card data

The clothing retailer says hackers compromised point of sale devices at stores for a good part of the year.

Edward Moyer Senior Editor

Edward Moyer is a senior editor at CNET and a many-year veteran of the writing and editing world. He enjoys taking sentences apart and putting them back together. He also likes making them from scratch. ¶ For nearly a quarter of a century, he's edited and written stories about various aspects of the technology world, from the US National Security Agency's controversial spying techniques to historic NASA space missions to 3D-printed works of fine art. Before that, he wrote about movies, musicians, artists and subcultures.

Credentials

Ed was a member of the CNET crew that won a National Magazine Award from the American Society of Magazine Editors for general excellence online. He's also edited pieces that've nabbed prizes from the Society of Professional Journalists and others.

See full bio

Edward Moyer

Nov. 15, 2017 11:00 a.m. PT

2 min read

Forever 21 store in New York — With any luck, that "Empire Strikes Back" sweatshirt didn't cost you your payment card data.
Getty Images

Psst. Don't look now, but there may be hackers in your closet.

Actually, you might want to look now if you recently threw down some plastic at a Forever 21.

The clothing retailer revealed on Tuesday that hackers may've been able to scoop up customers' payment card data at certain stores during a good chunk of the year. Point of sale devices were compromised at as-yet-unnamed locations from March to October, the company said in a notice on its site.

Details are scarce at the moment. Forever 21 says it's hired a "leading security and forensics firm" to investigate and that it "expects to provide an additional notice as it gets further clarity on the specific stores and timeframes that may have been involved."

In the meantime, it's notifying customers, and it's offered up some sage advice:

"It is always advisable for customers to closely monitor their payment card statements. If customers see an unauthorized charge, they should immediately notify the bank that issued the card. Payment card network rules generally state that cardholders are not responsible for such charges."

Forever 21 is far from being the only business hit by a point of sale attack, wherein hackers plant a skimmer on a card reader and swipe your data when you swipe your card. Target, T.J. Maxx, P.F. Chang's and Michaels are but a few of the other chains nailed by breaches over the years.

So, check your closet, and your bank statement.

Security: Stay up-to-date on the latest in breaches, hacks, fixes and all those cybersecurity issues that keep you up at night.

CNET en Español: Get all your tech news and reviews in Spanish.