More than 35 million customers ‘ personal information was stolen in a ransomware attack in December, according to VF Corporation, the company behind the brands Vans, Timberland, The North Face, Dickies, and Supreme.
The American multinational clothing and footwear behemoth claimed that because it does n’t store such data on its systems, the affected customers ‘ social security numbers, bank account information, or payment card information were unaffected.
In an 8-K form  that was submitted to the U.S. Securities and Exchange Commission ( SEC ) on Thursday, the threat actor is said to have stolen personal data from approximately 35.5 million individual consumers, according to VF Corp’s preliminary analysis from its ongoing investigation.
“VF has not yet found any proof that the threat actor obtained any consumer passwords.”
In a SEC filing dated December 15, the business disclosed the ransomware attack, claiming that the attackers “disrupted the company’s business operations by encrypting some IT systems and stole data, including personal data.”
Customers cancelled orders and some wholesale shipments were delayed as a result of the attack, which forced VF Corp to shut down some of its systems to contain the breach. Retail store inventory replenishment was also interrupted.
Since then, it has largely restored the IT systems that were encrypted during the incident, though it still has some minor operational repercussions.
On December 15, 2023, “VF believes the threat actor was ejected from VF’s IT systems.” According to this week’s SEC filing, VF-operated retail stores, brand e-commerce sites, and distribution centers are operating with minimal problems as of the date of this Amendment.
The business has n’t yet let its customers know about the incident on its official website or social media pages. Additionally, it has not yet disclosed the type of data that was affected by the breach or whether it had an impact on its partners, suppliers, resellers, or employees.
As it looks into the attack and the extent of its effects, VF Corp is currently working with both federal law enforcement and pertinent regulatory authorities.
A Colorado-based clothing company called VF Corp. employs 35, 000 people and generates$ 11.6 billion in annual revenue. Additionally, it is the owner of 13 well-known brands, including Vans, Timberland, The North Face, Supreme, Dickies, Eastpak, Kipling, Napapijri, AND1, JanSport, Icebreaker, Altra Running, and SmartWool.
Related Cybersecurity Threat and Awareness Blogs:
Critical Juniper SRX Firewalls and EX Switches RCE Vulnerability Exposed
Seven Lessons from History’s Most Notable Achievements in Cybersecurity
Ransomware -Understanding Threats and Protecting Organization
Ransomware -Understanding Threats and Protecting Organization
TA866 deploys WasabiSeed and, Screenshotter Malware, according to an invoice Phishing Alert.