This week, the clothing retailer Forever 21 disclosed to customers that it was hacked earlier in 2017. While the company has not yet offered many details about the intrusion, we know that it is looking into a portion of credit card transactions between March 2017 and October 2017 that were conducted over machines that appear to have been insecure.
[...] We have reached out to Forever 21 for more information about the unencrypted transactions, where the affected stores were located and the security firm it is working with to investigate the incident. The company has set up a customer portal [forever21.com] about the incident that provides a contact number for anyone concerned that their credit card information may have been compromised.
The hack appears to have only impacted certain terminals which were not using encryption or tokenization on card numbers.
Source: https://techcrunch.com/2017/11/15/forever-21-hack/ [techcrunch.com]
Also at ZDNet [zdnet.com],USAToday [usatoday.com] and the WSJ [wsj.com].