Retailer Forever 21 has been hit with a class action, claiming the company allowed current and former workers' personal information to be exposed when it suffered a data breach.
On March 20, 2023, the company detected "a cyber-intruder who had gained intermittent access to information on Forever 21’s servers," says the lawsuit, filed in federal court in Los Angeles.
"Forever 21 knew or should have known of the increasing number of well-publicized data breaches that have occurred in the United States," the suit says. "And yet, Forever 21 failed to adequately secure and upgrade its systems and failed to provide notice to affected individuals within a reasonable amount of time."
The suit seeks to represents all current and former employees of the company whose personal information was compromised.
"The data breach was the result of a sophisticated, intentional, and malicious attack by professional cybercriminal hackers and was not the result of an accidental disclosure by a Forever 21 employee," the lawsuit states. "Thus, there is an increased and substantial risk that the victims will experience identity theft or fraud that is sufficiently imminent."
The suit seeks unspecified compensatory, statutory, and punitive damages, plus legal fees.
The plaintiffs are represented by attorneys Eric M. Poulin, Blake G. Abbott and Paul J. Doolittle, of Poulin, Willey, Anastopoulo LLC, of Charleston, South Carolina, and John Christian Bohren, of Bohren Law APC, of West Hollywood.
Taylor v. Forever 21 Inc., U.S. District Court for the Central District of California, 2:23-cv-08651.