Fashion victim: Almost 100,000 payment cards stolen

US fashion retailer Forever 21 has announced that it had been informed by the Secret Service that the credit and debit card details of some 98,930 customers had been accessed by hackers.

The stolen information contained card numbers, expiration dates and other data, but not customers’ names and addresses.

In their statement, Forever 21 say that they have published an advisory for their customers concerned about the incident. Maybe my eyesight is failing, but it wasn’t obvious to me at all where it was on their JavaScript-heavy website. I did some internet detective work however, and finally uncovered it at www.forever21.com/notice/notice.html.

Here it is..

Forever 21 customer statement about data breach

It strikes me that it’s not a terribly useful customer statement if you have to do your best Lieutenant Columbo impression to find it. If you were a regular customer of Forever 21 you wouldn’t have much of a clue that there had been a possible leak of your credit card details unless you had read the headlines in the IT press.

One of the things that is interesting in this case is that it appears to be linked to the charges being brought against 11 men who allegedly hacked into other major retail companies and stole more than 40 million credit and debit card numbers. Companies affected in that heist included the likes of Barnes & Noble, OfficeMax, and TJX, which operates retail stores T.J. Maxx – known as TK Maxx in the UK – and Marshall’s.

Last week, Damon Patrick Toey, one of the men accused of the TJX data breach pleaded guilty. He is due to be sentenced on 10 December.