Anyone who's perused the fast fashion-filled racks at Forever 21 should take a closer look at their bank statements.
Though Forever 21 didn't announce which stores were specifically affected by the breach, it did note that anyone who shopped from March 2017 to October 2017 could have had their information compromised. Forever 21 said that it was still investigating the incident and didn't release the number of people affected or provide any other information.
BuzzFeed adds that a third-party monitoring service alerted the store to the breach. Encryption used to scramble credit-card data collected from shoppers wasn't functioning properly, which could have allowed hackers "unauthorized access to data from payment cards that were used at certain Forever 21 stores."
"We immediately began an investigation of our payment card systems and engaged a leading security and forensics firm to assist us," the company told BuzzFeed News via a statement. "Protecting our customers' payment card data is a top priority, and we are continuing to take steps to address this incident."
Unlike the Equifax hack earlier this year, the fashion company isn't offering shoppers any sort of monitoring service. If anyone does find a suspicious charge, the store says to contact the credit card issuer to handle the unauthorized charges. BuzzFeed assures shoppers that, generally, credit card companies will not question an unauthorized charge, so cardholders won't be held responsible for them.
Forever 21's data breach puts it in some rarified company. Identity Force, a company that tracks data breaches, reports that this year alone, user data has been hacked at 37 different companies, including Whole Foods, Chipotle, and Saks Fifth Avenue.
Read These Stories Next: