Breach Update: Forever 21 Stored 5-Year-Old Transaction Data
Written by Evan SchumanSeptember 25th, 2008
New information released by Forever 21 confirms that the almost 100,000 credit and debit cards accessed from the chain in a breach included transactions from 2003 through 2005, which were stored on a corporate data center, apparently in violation of PCI rules.
Unlike some of Forever 21's fellow retail chain victims in the so-called TJX Breach case—including TJX, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority and DSW—Forever 21 now says that wardriving was not involved in its breach and that the data was accessed directly from the corporate data center.
This Story Is Only Available For Premium Subscribers. Click Or Login In Below To Read The Rest Of This Story.
Already a Subscriber? Login Here
Leave a Reply
Readers, specifically those who want to comment on a story:
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
Is there really an improvement between a mag swipe and contactless tap if multi-factor authentication is required?
-Ed
