Forever 21 Data Breach – Class Action Investigation
Chimicles & Tikellis LLP is investigating a potential class action lawsuit against fashion retailer Forever 21 following its confirmation in late 2017 that it detected a security breach in a number of point of sale terminals at Forever 21 stores across the United States. Forever 21 confirmed that the data breach occurred between April 3, 2017 and November 18, 2017, and that hackers stole payment card numbers, card expiration dates, and card verification codes. In some cases, customer names may have been exposed.
Forever 21 has acknowledged that the encryption technology used by the store to protect its payment processing system had been turned off in certain cases, opening up Forever 21’s point of sale terminals to malware. The company’s investigation also found some stores’ authorized payment data logs could have also potentially been under attack by the malware. Furthermore, credit card data stored in certain system logs prior to April 3rd were also exposed in some cases. Forever 21 is investigating whether non-US stores were affected.
Forever 21’s failure to protect consumer payment card and other sensitive information may be a violation of state and federal consumer protection and data privacy laws. Large data breaches can expose consumers to identity theft, fraud, and other financially devastating circumstances. Consumers who believe they have been impacted by the Forever 21 data breach should remain vigilant to the possibility of fraud and monitor their payment card accounts.
If you believe your personal financial information was compromised by the recent data breach at Forever 21, please contact the lawyers listed on this page.