Recent Cyber Incident Hits Forever 21: What You Need to Know

Reading Time: ( Word Count: )

September 1, 2023

In a fresh update, Forever 21 has brought to public attention a cyber breach that was discovered on March 20, 2023, impacting a specific set of its systems.

Renowned as an international fast-fashion retail giant, Forever 21 calls Los Angeles, California, its home base. At present, it’s under the joint leadership of Authentic Brands Group and Simon Property Group, boasting a network of around 540 stores globally.

Upon realizing the extent of the breach, the fashion retailer acted promptly. A comprehensive probe was launched with the assistance of leading cybersecurity experts.

In tandem, they promptly informed the relevant law enforcement units, ensuring collaborative efforts between them and the company’s in-house investigative team.

The individuals impacted by this incident were informed in writing during the interval of August 29 to August 31, 2023.

Probing into the incident has brought to light that an unsanctioned third party had accessed select systems of Forever 21. This intrusion affected an overwhelming 539,207 people from January 5 to March 21, 2023.

Also Read: Unauthorized Access Threat in All-in-One WP Migration: Immediate Updates Recommended

Recent Cyber Incident Hits Forever 21

A notable mention is that out of these, 1,139 were from the state of Maine. The intruders, within this duration, successfully extracted specific data files.

These files contained sensitive data like individuals’ names, Social Security numbers, birth dates, bank details (excluding access code/pin), and particulars of their Forever21 health plan, including enrollment specifics and premium details.

However, there’s a silver lining. As of now, there’s no tangible proof indicating the misused data for any deceptive purposes or identity theft, and there seems to be no impending threat of it occurring either.

Forever 21 has fortified its defenses to block any more unauthorized access to the data under concern. Additionally, there are no signs pointing to the intruding party having distributed or duplicated the accessed data.

Considering this, the risk level for those whose details got leaked seems to be minimal.

Still, as a safety net, Forever 21 is offering a free one-year subscription to Experian’s IdentityWorksSM for those affected. It’s important to highlight that availing of this service will have zero negative implications on an individual’s credit ratings.

Saher Mahmood

Saher Mahmood


Saher is a cybersecurity researcher with a passion for innovative technology and AI. She explores the intersection of AI and cybersecurity to stay ahead of evolving threats.

Other interesting articles

Automated vs Manual Penetration Testing

Automated vs Manual Penetration Testing

Pentesting is largely divided into two methodologies: Automated vs Manual Penetration Testing. Both have ...
8 Steps in Penetration Testing You Should Know

8 Steps in Penetration Testing You Should Know

Mastering the art of penetration testing has become a critical ability for security experts to combat cyber ...
Spear Phishing vs Whaling: What is the Difference

Spear Phishing vs Whaling: What is the Difference

Spear phishing is a particularly devious type of phishing assault in which the individual targeted plays a ...

Submit a Comment

Your email address will not be published. Required fields are marked *