A Forever 21 data breach uncovered last November has prompted the fashion retailer to boost security at its checkout counters.

In the security scare, hackers installed malware on point-of-sale machines at store checkouts in the US.

A two-month long investigation has revealed that encryption technology on some POS devices at an unspecified number of stores was not always on and that malware had been installed by criminals looking to mine the system for customer payment data.

The breaches occurred between April 3 and November 18 last year, lasting between a few days and in some cases the entire period, the company has admitted. Forever 21 stores use multiple POS devices and in most cases only one or a few of the POS devices in a store were affected.

The malware searched for data on cards used for payments at the point-of-sale. In most cases, the data did not include the cardholder’s name, so was of no use to the hackers, but in a minority of instances, the cardholder’s name was found.

Forever 21 said it has been working with its payment processors, hardware suppliers and independent consultants to improve the encryption systems on the POS devices in all Forever 21 stores.

“We also continue to work with the payment card networks so that the banks that issue payment cards can be made aware of this incident,” the company said in a statement. “Lastly, we will continue to support law enforcement’s investigation of this incident.”

This story first appeared on sister site, Inside Retail Asia.

Access exclusive analysis, locked news and reports with Inside Retail Weekly. Subscribe today and get our premium print publication delivered to your door every week.