The Weekly breach Breakdown Podcast by ITRC - New Breach, New Me - S4E25

Show Transcript

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for September 8, 2023. Thanks to Sentilink for their support of the podcast and the ITRC. Each week, we look at the most recent events and trends related to data security and privacy. This week, we discuss data breaches, particularly the Forever 21 data breach, and how they affect major retail brands and your wallet.  

Forever 21 Data Breach

Data breaches are becoming more and more common these days. The ITRC is on pace to track a record number of data compromises in 2023. The consequences of these data events can be devastating. 

What Happened

Forever 21, a major clothing brand, recently experienced a data breach that affected millions of people. According to TechCrunch and a notice filed with Maine’s Attorney General, the fashion giant was hacked over a three-month period beginning in early January 2023. During this time, intruders obtained files from its systems, including the personal information of current and former employees. 

What Was Exposed

Data exposed in the Forever 21 data breach included sensitive information such as names, dates of birth, bank account numbers and Social Security numbers. It also had information regarding employees’ Forever 21 health plans, including enrollment and premiums paid. Forever 21 notified 539,207 people that their data was breached. However, it’s not clear how the company obtained the claim of assurance that the unauthorized third party no longer has access to the data. 

What to Do if You Receive a Data Breach Notice

In light of the Forever 21 data breach, it’s important to be aware of the dangers of data breaches and to take steps to protect your personal information. If you’ve been affected by the Forever 21 data breach and received a data breach notice, follow the advice offered by the impacted company. Freeze your credit to ensure no new credit accounts can be opened in your name. Immediately change your password and switch to a 12+-character passphrase, change the passwords of other accounts with the same password as the breached account, use multifactor authentication (MFA) with an app – SMS can be spoofed – and keep an eye out for phishing attempts that claim to be from the breached organization. The ITRC is also a great place to start. We offer free assistance to victims of identity theft and data breaches. Anyone can call 888.400.5530 to speak with an expert advisor. 

This is Not the First Forever 21 Data Breach

It’s also important to note that Forever 21 has had a data breach before. In 2017, the company experienced a massive theft of credit card numbers from its store point-of-sale machines. This second Forever 21 data breach also highlights the importance of companies taking cybersecurity seriously and implementing measures to protect their customers’ data. 

Contact the ITRC

If you want to know more about how to protect your business or personal information, learn about the Forever 21 data breach, or if you think you have been the victim of an identity crime, you can speak with an expert ITRC advisor on the phone, chat live on the web, or exchange emails during our normal business hours (Monday-Friday, 6 a.m.-5 p.m. PST). Just visit www.idtheftcenter.org to get started.

Thanks again to Sentilink for their support of the ITRC and this podcast. Be sure to check out the latest episode of our sister podcast, The Fraudian Slip, where we break down the findings from our annual report on how identity crimes impacted consumers in the past year. You can download the report by visiting www.idtheftcenter.org/publications. 

We will return next week with another episode of the Weekly Breach Breakdown.