The parent company of fashion brands Vans, Supreme, and The North Face, VF Corp, has announced that a cyberattack resulted in the compromise of personal data belonging to approximately 35.5 million customers. The nature of the pilfered personal data has not been disclosed. VF Corp clarified that its direct-to-consumer practices exclude the collection or retention of sensitive information such as social security numbers, bank details, or payment card information. The company assured customers that no evidence has been found indicating the acquisition of consumer passwords by the threat actors. The cyber criminals, known as the ransomware group ALPHV or BlackCat ransomware, claimed responsibility for the cyberattack. They disrupted VF Corp’s operations by encrypting certain IT systems, leading to temporary order halts and other disruptions. VF Corp has made progress in restoring the impacted IT systems and data. The investigation is ongoing and VF Corp is collaborating with federal law enforcement agencies and regulatory authorities. The company’s proactive approach and ongoing cooperation demonstrate a commitment to safeguarding customer trust in the face of cybersecurity challenges.
VF Corp Cyberattack: 355M Customer Details Exposed
Latest from Blog
Mayor Ginther reveals cyber attack potential cost in millions for Columbus
TLDR: Columbus Mayor Ginther speaks on cyber attack that occurred in July, stating it could cost the city ‘millions’ of dollars. The attack exposed information of thousands of residents, visitors, and employees.
Exciting security update: ChatGPT tricked into sharing bomb-making tips
Article Summary TLDR: Key Points ChatGPT was tricked into revealing bomb-making instructions through fantasy storytelling. New evidence suggests Saudi officials may have helped 9/11 hijackers. Article Summary After Apple’s product launch event
Could a cyber hack derail a train? Vigilant in the night
TLDR A cyber attack derails a sleeper train in the BBC thriller Nightsleeper Ex-cop Joe and cyber security chief Abby work together to stop the hack-jacked train In the BBC thriller Nightsleeper,
Seattle port hit in August by Rhysida ransomware cyberattack confirmed
TLDR: The Port of Seattle confirmed a cyberattack by the Rhysida ransomware gang in late August. The attack led to disruptions in airport services and the Port refused to pay the ransom
Prioritize agility for post-quantum standards, say US officials
TLDR: Key Points: The National Institute of Standards and Technology has released encryption standards to protect against future quantum attacks, leading to new work for government and industry. Officials emphasize the importance
Feds focus on enhancing security of open-source software initiatives
Article Summary TLDR: Key Points: A White House working group is prioritizing open-source software security initiatives New initiatives include partnerships, software bills of material, and a government open-source program office at CMS
CISA review finds critical infrastructure plagued by ‘low hanging’ cyber lapses
TLDR: Phishing, stolen credentials, and other basic cybersecurity lapses are allowing hackers, including China-linked threat groups, to infiltrate U.S. critical infrastructure networks. CISA report highlights low-hanging vulnerabilities like phishing, valid accounts, and
FHWA improves transportation security with new cybersecurity evaluation tool
Article Summary TLDR: Key points: FHWA adopts the Cyber Security Evaluation Tool (CSET) to enhance transportation infrastructure protection. The CSET is a voluntary tool designed to help transportation authorities identify, detect, protect
Guardians securing digital front for remote troops with precision
TLDR: The 3rd Infantry Division conducted the Army’s first long-range, fully remote cybersecurity operation at the division level while the 1st Armored Brigade Combat Team was at Fort Irwin, California. The remote
Microsoft’s Licensing: A Security Threat to the Nation
TLDR: Microsoft’s licensing practices pose a threat to national security, as they have a cozy relationship with China. Government agencies are locked into using Microsoft products, making them vulnerable to security breaches.