The North Face Breach - July 6, 2022
Date: July, 2022The North Face is an outdoor apparel company best known for its jackets and footwear. Founded in 1968 by Douglas Tomkins and Susie Tomkins Buell, The North Face has been serving customers for over 50 years.
What Was the Breach?
The breach was a credential-stuffing attack on The North Face's official website. Its sister company, Vans, has also been affected by the hack. It was discovered on August 11th of, 2022, and was stopped on August 19th. The parent company of The North Face, VF Corporation, immediately began sending notification letters to anyone affected.
How Did the Breach Occur?
Hackers achieved the breach through a method called 'credential stuffing.' This is where a hacker will take leaked data and information from another attack or breach and count on what's referred to as 'password recycling.' Password recycling is when you use the same password across accounts. If this is ever done, the hackers can use that one password to access multiple accounts.
When Did This Breach Occur?
The breach occurred on Wednesday, July 6th, 2022.
Who Does the Breach Impact?
The breach impacts anyone who has their personal information on thenorthface.com or vans.com. None of the payment information was stored on these websites; The North Face has assured everyone that there was a third party responsible for keeping track of the payments and that there's nothing to worry about regarding payment information.
How Many Files Does the Breach Affect?
Almost 200,000 accounts were accessed in the breach, 194,905 to be exact. These included the affected customers' full names, addresses, genders, and phone numbers.
Recent Breaches
Cisco Duo Breach
Cisco Duo is an access security provider that offers solutions for small business and commercial control products, including multi-factor authentication (MFA), single sign-on, and access control services....
AT&T Breach
American Telephone and Telegraph Company (AT&T) is the fourth-largest telecommunications provider, behind Verizon, Comcast, and China’s state-funded communications solution...
Fujitsu Limited Breach
Fujitsu Limited is the world’s sixth-largest IT service provider. Based in the Minato City ward of Tokyo, Japan, Fujitsu offers various technology solutions for personal and commercial use...
Cybersecurity and Infrastructure Security Agency Breach
The CISA collaborates with other government agencies to notify victims of breaches and respond to threats. These include the Federal Bureau of Investigation, the Multi-State Information Sharing & Analysis...
Roku Inc. Breach
Roku is a global streaming and entertainment organization. It offers solutions for direct streaming, live channels, music, niche channel entertainment, smart home devices, travel technology, audio options,...