http://www.theregister.co.uk/2008/09/17/forever_21_breach/ By Dan Goodin in San Francisco The Register 17th September 2008 Almost 99,000 payment cards used by people shopping at Forever 21 stores may have been lifted over a four-year period by people linked to the heist of 45.6 million payment cards from customers from stores owned by TJX Companies. On Friday, the company issued a statement on its website that said it learned of the theft from law enforcement officials more than a month earlier. The theft took place on nine specific dates from March 2004 to August of last year as part of crimes alleged in an August 5 indictment charging 11 individuals of engaging in wholesale credit card theft against stores owned by TJX and others. The compromised data included card numbers and expiration dates in addition to other information that Forever 21 didn't disclose. Forever 21 offered no details about how its system was breached, but based on the indictment, a safe bet is through weak wireless security mechanisms used at various retail store locations. People at Forever 21 have made it impossible to link to the statement. The only way to read it is to visit the home page and click on the "important customer notice" link at the bottom. __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/Received on Wed Sep 17 2008 - 00:04:22 PDT
This archive was generated by hypermail 2.2.0 : Wed Sep 17 2008 - 00:35:22 PDT