January 19, 2024 at 09:00AM
VF Corporation, parent company of popular fashion brands like Vans and North Face, reported that 35.5 million customers were affected by a cyber-attack in December. However, sensitive data such as social security numbers and financial information were unaffected, and there is no evidence that customer passwords were compromised. The attack caused minor disruptions to their operations, and ransomware is suspected.
From the meeting notes, it’s clear that VF Corporation, the parent company of renowned brands such as Vans and North Face, disclosed that approximately 35.5 million customers were impacted by a cyber incident in December. Although the nature of the compromised data was not fully disclosed, VF Corp stated that consumers’ social security numbers, financial information, and passwords were not accessed, and the breach did not affect staff, business partners, or other stakeholders.
The company also addressed the operational disruption caused by the cyber incident, noting that IT systems have been substantially restored and businesses are operating with minimal disruption. However, the attack did impact the company’s ability to replenish retail stores’ inventory, resulting in customer order cancellations and reduced demand across some of its brands’ e-commerce sites.
While the attack is suspected to have involved ransomware, VF Corp has not confirmed this. It’s worth noting that the company’s disclosure carefully worded its statements regarding the incident, which is a common practice in the industry to avoid referring to it as a ransomware attack specifically.
Overall, the company has made progress in restoring its IT systems and fulfilling delayed orders, but is still addressing minor operational impacts resulting from the cyber incident.