Vans cyberattack: personal information exposed


Vans has informed its customers of potential fraud or identity theft following the cyberattack against parent company VF Group. The report outlines the timeline of the Vans cyberattack from December 13, 2023 and the organization’s response to the incident.

The advisory shared information about “unauthorized activities” on its system in December 2023. VF Group, the parent company of fashion and clothing brands, such as Vans, Timberland, The North Face and Dickies, revealed that the the organization had detected a cyber intrusion on December 13 and temporarily suspended affected IT systems to contain and remediate the threat.

On December 15, the unauthorized actors were removed from the IT environment and efforts were made to restore affected systems and operations.

Vans Cyber ​​Attack Update

According to company investigation, the Vans cyberattack may have compromised customers’ personal information, including email addresses, full names, phone numbers, billing and shipping addresses, and order details. However, it is important to note that financial information such as bank account or credit card details were not stored in the affected systems.

Van cyberattack
Source: vans

Despite VF Group’s rapid response, concerns remain about potential risks to individuals whose data was part of the affected dataset. Although there is currently no evidence of direct impact on individual consumers, the incident highlights the importance of vigilance in protecting personal information.

In conversation with TCE, Darren Williams, CEO and founder of BlackFog, said that “securing data needs to be at the forefront of retailers’ minds.” The cybersecurity incident could lead to fraud or identity theft given the scale of the incident. VF Group Data Breach.

“Customer safety must be the top priority, otherwise, as we can see, loyal customers can quickly turn into victims. The VF Group now risks not only financial damage but also reputational damage that could last for years. To avoid becoming the next example, businesses must invest in the latest anti-data exfiltration technologies to prevent unauthorized data from leaving their systems,” added Darren.

The VF Group advises its customers to be vigilant

In light of this breach, VF Group has advised its customers to exercise caution when responding to communications, particularly those requesting personal information. Additionally, customers are advised to be wary Suspicious emailsattachments and hyperlinks, as they could be used in phishing attempts or to direct individuals to malicious websites.

VF Group has assured its customers of its commitment to prioritizing privacy and security. The company continues to monitor the situation closely, while reviewing and improving its cybersecurity measures to mitigate future risks.

Responding to inquiries, a Vans spokesperson reiterated the timeline for events surrounding the security incident and claimed operations had since been restored with minimal disruption. “After detecting the unauthorized events, we immediately began taking steps to contain, assess and remediate the incident, including initiating an investigation with leading external cybersecurity experts, activating our response plan incidents and shutting down certain systems,” the spokesperson said.

This incident follows a previous cyber incident reported by VF Corp, resulting in a data breach affecting approximately 35.5 million consumers. Although VF Group does not anticipate any financial impact from the current incident, the company remains vigilant in its efforts to protect its customers’ data and mitigate potential risks to its operations and reputation.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only and users take full responsibility for their reliance on it. The Cyber ​​Express assumes no responsibility for the accuracy or consequences of the use of this information.

Leave a comment