About Adam K Levin | Contact | Videos

Forever 21 Suffers Breach, Underscores Cybersecurity BasicsData Security


cybersecurityWord started spreading yesterday the way it often does with cyber events, like fog. The sun burned through it quickly, in this instance, and we now know (sort of)…something happened.

Forever 21 is still a little vague on specifics, but between March and October of this year, at least some of the company’s point-of-sale devices were vulnerable to attack. According to news reports, a 2015 encryption upgrade was either not installed or not delivered.

The reason this compromise occurred underscores one of the most basic tenets of cybersecurity: update, update, patch, update and patch again.

It also illustrates how vulnerable we all are to cyber exploits. Because a number of stores did not receive an encryption upgrade, hackers had the opening they needed to access payment card information. This is yet another cautionary tale that POS systems can easily become Points of Sabotage, when businesses fail to implement proper security measures.

As we approach the busy holiday shopping season, retailers are prime targets for hack attacks and should make sure they practice safe cyber hygiene like encrypting data, regular penetration testing and monitoring of systems and employee training on proper privacy and security protocols.

Holiday shoppers should not have to worry that their favorite pair of shoes or handbag comes with an unexpected and damaging price tag—their precious time sorting out the aftermath of stolen data used for fraud.