F Corp-owned The North Face has disclosed that names and email addresses were part of the data compromised during a recent cyberattack.
The company assured its customers that there was no breach of payment card information, as card details like numbers, CVVs, and expiration dates are processed by a third party and are not retained on The North Face’s website.
Following this incident, the company has alerted its customers and advised those affected to reset their passwords as a precautionary measure.
According to The North Face, the attackers employed a strategy known as “credential stuffing.” This technique involves cybercriminals using compromised usernames and passwords from previous data breaches, under the assumption that users may have reused these login credentials across various platforms.
The company noted that this approach likely enabled the attackers to access certain customer data, including shipping addresses and records of previous purchases.
In a notification to the Vermont Attorney General’s Office, the company remarked: “Based on our investigation, we believe that the attacker previously gained access to your email address and password from another source (not from us) and then used those same credentials to access your account on our website.”
VF, the parent organization, experienced a separate cyber incident in December 2023, which affected another brand, Vans, leading to alerts being sent to customers regarding potential risks to their personal information.
This cybersecurity issue concerning a US brand comes on the heels of a warning from Google, which reported that hackers notorious for a series of ransomware attacks targeting UK retailers have now redirected their efforts toward American companies.
“US retailers should take note. These actors are aggressive, creative, and particularly effective at circumventing mature security programmes,” noted John Hultquist, an analyst from Google’s cybersecurity team.
In similar news last month, sportswear leader Adidas announced that certain consumer data had been compromised by an unauthorized external entity via a third-party customer service provider.
The compromised data included contact details of consumers who had previously reached out to the customer service desk. Fortunately, no passwords, credit card information, or any other payment-related data were at risk.
Moreover, UK retailer Marks & Spencer paused online and app orders after a cyberattack in April, estimating a potential hit of approximately £300m on its operating profit for the fiscal year 2025/26, before implementing any countermeasures.
In light of the increasing frequency of cyberattacks, Oxylabs CEO Julius Cerniauskas stressed the importance of proactive measures: “Retailers must respond with more than apologies. Proactive steps like enforcing multi-factor authentication, tightening access controls, and constantly monitoring for threats are now essential. Trust is hard-won in the digital age – and easily lost. For today’s brands, cybersecurity is no longer just an IT function. It’s a business-critical priority.”
