Tweakers.net reported that clothing brand The North Face reports details about the data breach last December in an email to customers. During a cyber attack on parent company VF Corporation, various personal data were captured, but no payment details or passwords.
An email seen by Tweakers shows that customers of The North Face have been affected by a data breach in which personal data has been stolen. This concerns data that is stored ‘to manage online purchases’, according to the brand. In December, a threat actor had access to personal data such as email addresses, names, telephone numbers and billing and shipping addresses of an unknown number of customers who ordered products from the company. Order history, order value and payment method information were also involved in the data breach.
The company, on the other hand, emphasizes that no bank account or credit card details were accessed in the attack, at most references to the payment method, for example ‘PayPal’ or ‘bank account’. The attackers would also not have been able to view passwords. The North Face still warns potentially affected customers to be on the lookout for possible phishing attacks or suspicious emails.
The parent company of The North Face, VF Corporation, reported in December that a cyber attack had taken place. On the other hand, it was not yet clear to what extent customers had been affected by the attack and the data from which brands could be affected. VF Corporation also owns Vans, Eastpak, Kipling and Timberland, among others. Earlier this year, a document from the American SEC made it clear that more than 35 million customers were affected by the cyber attack.