Forever 21 is the latest retailer to be hit with a data breach: The fast-fashion retailer said Tuesday that it had begun an investigation of its payment card systems after it was recently notified by a third party that there may have been "unauthorized access to data from payment cards that were used at certain Forever 21 stores."
The company said it was focused on card transactions in Forever 21 stores from March 2017 through October 2017. It did not immediately provide additional details to BuzzFeed News.
"We immediately began an investigation of our payment card systems and engaged a leading security and forensics firm to assist us," the company told BuzzFeed News in a statement. "Protecting our customers’ payment card data is a top priority, and we are continuing to take steps to address this incident."
Only certain point-of-sale devices in some stores were affected when the encryption on those devices was not operating, the company said. It did not specify a number or geographic scope.
Forever 21 joins one of dozens of companies that have been hit by data hacks this year alone: Arby's, Saks Fifth Avenue, Chipotle, Verizon, Equifax, and Whole Foods Market are among 37 companies that have reported a data breach in 2017, according to IdentityForce, a personal information security and protection service company that tracks data breaches.
Consumers should closely monitor their payment card statements. A shopper who sees an unauthorized charge should immediately notify the bank that issued the card. Payment card network rules generally do not hold cardholders responsible for unauthorized charges.