Your browser is no longer supported. For the best experience of this website, please upgrade to a newer version or another browser.

Your browser appears to have cookies disabled. For the best experience of this website, please enable cookies in your browser

We'll assume we have your consent to use cookies, for example so you won't need to log in each time you visit our site.
Learn more

Forever 21 finds malware on sales devices

Malware and signs of unauthorised network access have been found on some point of sale devices in Forever 21’s US stores, the retailer has revealed.

The young fashion store launched an investigation in October after receiving a “third party” report in October suggesting that there may have been unauthorised access to data from payment cards used at certain Forever 21 locations.

It determined that encryption technology on some devices was not always on, and the retailer is looking into whether non-US stores have been affected.

The retailer said that while in “most instances” the malware did not obtain cardholders’ names, only card numbers, expiration dates and internal verification codes, “occasionally the cardholder name was found”.

In some stores this happened for a few days or several weeks between 3 April 2017 and 18 November 2017, while for others this occurred for most or all of this time frame.

The retailer said in a statement: “Forever 21 has been working with its payment processors, POS device provider, and third party experts to address the operation of encryption on the POS devices in all Forever 21 stores.

“Forever 21 stores outside of the US have different payment processing systems, and our investigation is ongoing to determine if any of these stores are involved. Payment cards used on Forever 21’s website,, were not affected.”

Have your say

You must sign in to make a comment

Please remember that the submission of any material is governed by our Terms and Conditions and by submitting material you confirm your agreement to these Terms and Conditions. Links may be included in your comments but HTML is not permitted.