Forever 21 Breach Compromised Customers’ Credit Card Information


Another major retailer was breached last year as Forever 21 has now confirmed that point of sale terminals at various stores across the country were breached for the most part of 2017. This resulted in the credit card information of countless customers being leaked. Forever 21 hasn’t said precisely how many customers have been affected by this.

Forever 21 has confirmed that many of its point of sale terminals at retail stores across the United States were breached between April 3rd and November 18th, 2017. It’s unclear at this point in time who is behind this.

The retail chain has also confirmed that in most cases, the breach compromised card numbers, expiration dates, and verification codes but not cardholder names. It also adds that in some cases, the hackers were also able to obtain cardholder names. In other cases, credit card data that was stored in system logs before April 3rd was also compromised.

Forever 21 uses encryption to protect its payment processing system but it turns out that in some stores the encryption was disabled sometimes. This left the point of sale terminals vulnerable to malware. During the full period of this breach, not every terminal in every store was affected and not every store was impacted.

Forever 21 is now investigating if stores outside the United States have been affected as well. The malware didn’t impact purchases made through its website. It’s now working with security firms to improve its security measures.

Forever 21 Breach Compromised Customers’ Credit Card Information , original content from Ubergizmo. Read our Copyrights and terms of use.

More...

Forever 21 Breach Compromised Customers’ Credit Card Information


Another major retailer was breached last year as Forever 21 has now confirmed that point of sale terminals at various stores across the country were breached for the most part of 2017. This resulted in the credit card information of countless customers being leaked. Forever 21 hasn’t said precisely how many customers have been affected by this.

Forever 21 has confirmed that many of its point of sale terminals at retail stores across the United States were breached between April 3rd and November 18th, 2017. It’s unclear at this point in time who is behind this.

The retail chain has also confirmed that in most cases, the breach compromised card numbers, expiration dates, and verification codes but not cardholder names. It also adds that in some cases, the hackers were also able to obtain cardholder names. In other cases, credit card data that was stored in system logs before April 3rd was also compromised.

Forever 21 uses encryption to protect its payment processing system but it turns out that in some stores the encryption was disabled sometimes. This left the point of sale terminals vulnerable to malware. During the full period of this breach, not every terminal in every store was affected and not every store was impacted.

Forever 21 is now investigating if stores outside the United States have been affected as well. The malware didn’t impact purchases made through its website. It’s now working with security firms to improve its security measures.

Forever 21 Breach Compromised Customers’ Credit Card Information , original content from Ubergizmo. Read our Copyrights and terms of use.

More...

Imgur Hack Resulted In 1.7 Million Accounts Being Compromised


Popular photo-sharing website Imgur has confirmed that it was notified of a potential security breach earlier this week that occurred in 2014. The site says that the hack resulted in 1.7 million Imgur accounts being compromised. The leaked data includes email addresses and passwords of users. Imgur continues to investigate the intrusion and promises to inform users as quickly as possible to what it knows and what it’s doing in response.

Imgur received an email earlier this week from a security researcher who frequently deals with data breaches. The researcher believed that he was sent data which included information of Imgur users.

The website’s team arranged to securely receive the data from the researcher and then started working on validating the data that belonged to its users.

Imgur confirmed a couple of days back that approximately 1.7 million user accounts were compromised back in 2014. The compromised information includes only email addresses and passwords. Since the website never asks for real names, addresses, phone numbers or other personally identifying information, no such information of that kind was leaked.

The website is investigating how this breach happened. It reiterates that users’ passwords are always encrypted in its database. It believes that the encryption may have been cracked with brute force due to an older hashing algorithm that was used back then. Imgur updated its algorithm to the new bcrypt algorithm last year.

Affected users have already been notified of the breach. Those who were Imgur users with accounts back then should probably change their passwords out of an abundance of caution.

Imgur Hack Resulted In 1.7 Million Accounts Being Compromised , original content from Ubergizmo. Read our Copyrights and terms of use.

More...