Forever 21 announced that it recently learned of unauthorized access to its payment systems, potentially exposing the credit card details of customers who shopped in stores.
In a press release on Tuesday, the popular fast fashion retailer said it immediately began an investigation after receiving a report from a third-party regarding the security incident.
The Los Angeles-based company – which operates over 800 locations in 57 countries – added that customers who shopped between March and October of this year may have been impacted.
However, it did not specify which locations had been breached, citing that it was “too early” to provide additional information.
The company noted that it implemented encryption and tokenization solutions back in 2015, therefore, “only certain point of sale [PoS] devices in some Forever 21 stores were affected.”
The retail chain explained the breach may have occurred when the encryption on such PoS devices was “not in operation.”
Forever 21 said it has engaged a leading security and forensics firm to assist with the ongoing investigation.
Meanwhile, the company urges customers to closely monitor their payment card statements and report any suspicious account activity.
“If customers see an unauthorized charge, they should immediately notify the bank that issued the card. Payment card network rules generally state that cardholders are not responsible for such charges,” the company said.