Fashion brand Forever 21 is the latest retailer to suffer a credit card payment security breach.
The family-owned Californian brand admitted in November 2017 that it was hacked and thousands of credit card numbers may have been exposed.
Poorly-encrypted card machines at the till appear to be the source of the hack.
In a statement posted on their website, Forever 21 said they were alerted to the breach after getting “a report from a third party that suggested their may have been unauthorized access to data from payment cards”.
The company warned anyone who had shopped in their stores between March and October 2017 to check their bank accounts for suspect payments.
It’s understood that hackers may have been able to gain access to credit card numbers because not all payments made at the till had been properly encrypted.
The average cost of each shop under investigation is £130, the company reported.
Forever 21 has over 800 clothing stores in 57 countries worldwide.
It closed UK outlets in Manchester and Glasgow this year, retaining only three flagship shops in Birmingham’s Bullring Centre, in Liverpool, and on Oxford Street in London.
As a rule, credit card companies tend not to penalise their cardholders if they are the victims of fraud.
But Forever 21 did not release a list of the cards affected, nor could it say which stores were under investigation.
While the security incident raises serious concerns, both about the viability of Forever 21 and the security of other card payment machines in other big retailers, there could be more revelations coming.
MAIN IMAGE: Forever 21, Birmingham/Wildbytes