Forever 21 Data Breach

NOTICE: If you received a NOTICE OF DATA BREACH letter from Forever 21, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.

Photo illustration of a data breachOn or about August 29, 2023, Forever 21 sent a Notice of Data Breach Letter (“Breach Letter”) to individuals, including employees, former employees, and their dependents. The Breach Letter informed victims that their personally identifiable information (“PII”) was exposed when Forever 21 claims there was a “cyber incident that impacted a limited number of systems.” (the “Data Breach”)

According to the Breach Letter, Forever 21 discovered the Data Breach in March 2023 and investigated the Data Breach and determined that, between January 5, 2023 and March 21, 2023  hackers had “obtained select files from certain Forever 21 systems” without authorization. Forever 21 has revealed that the PII available to the hackers during this breach consists of, including, but not limited to: name, Social Security number, date of birth, bank account number (without access code or pin), and information regarding impacted persons’ Forever 21 health plan, including enrollment and premiums paid.

Forever 21 discovered the Data Breach in March, 2023. It waited until August 29, 2023 to send Breach Letters to victims.

Forever 21 is a major clothing retailer and is based in Los Angeles, California. It has over 43,0 00 employees across 540 locations and in 2022, had over $4 billion in revenue. The data of over 539,207 individuals was compromised by this data breach. If you received a Breach Letter from Forever 21 or any of its related entities, you were impacted by the data breach.

Forever 21 has offered victims one-year of credit monitoring through IdentityWorks.

WHAT INFORMATION IS INVOLVED?

According to Forever 21, the following information was exposed:

  • Names
  • Social Security numbers
  • Dates of birth
  • Bank Account Number (without access code or pin)
  • Information regarding Forever 21 health plan, including enrollment and premiums paid

This information is called your Personally Identifiable Information (“PII”). It tells others about you and is considered part of your identity. Businesses are required to secure this information or risk facing statutory penalties, among other legal penalties. Stolen PII can be used by identity thieves to engage in fraudulent activity using your identity.

The best way to protect yourself after a data breach is to sign up for credit and identity protection services as soon as possible. California offers extra protections and legal rights to its residents through the California Consumer Privacy Act (“CCPA”).

NOTICE: If you received a NOTICE OF DATA BREACH letter from Forever 21, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.