US fashion retailer Forever 21 has been informed by US authorities that hackers have stolen the credit and debit card details of 99,000 of its customers.
The stolen data includes card numbers and expiry dates but not customer names and addresses, and is said to have been taken in different incidents going back to 2004.
In a statement Forever 21 said, "Our systems may have been illegally accessed to obtain customer payment card information. We have determined that this incident may have affected a subset of our customers who shopped at our stores on nine dates [between 2004 and 2007].
"On 5 August 2008, the US Department of Justice in Boston filed indictments against three individuals alleged to have committed crimes involving credit card fraud against 12 retailers.
"That morning, Forever 21 was contacted by the US Secret Service and was advised that our company was identified in the indictment as one of the retail victims."
Details of the Forever 21 data loss became public following charges brought against 11 men who allegedly hacked into other major retail companies and stole more than 40 million credit and debit card numbers.
Companies affected in that operation included Barnes & Noble, OfficeMax and TJX, which owns TK Maxx in the UK.
Last week, Damon Patrick Toey, one of the men accused of the TJX data breach pleaded guilty. He is expected to be sentenced on 10 December.
The TJX data is believed to have become compromised through the use of unsecured wireless network points. There is speculation that Forever 21 may have also used unsecured wireless networks.