North Face customers who have user accounts on the outdoor apparel brand’s website were targeted by a large-scale credential stuffing attack because their confidential information was sourced from hundreds of Thousands of accounts have been almost obtained by cyber criminals.
The credential stuffing attack on The North Face website began on July 26, 2022, but website administrators detected the unusual activity on August 11, 2022 and were able to stop it on August 19, 2022.
A credential stuffing attack occurs when attackers use combinations of email addresses/usernames and passwords that they have recovered from data breaches during hacking attempts on other websites .
The success of these attacks depends on widespread recycling of user passwords or when an individual uses the same credentials across different online platforms.
Also read: Twilio confirms that 125 customers were affected by a data breach – Were passwords stolen?
The data of 200,000 compromised accounts
After probing the attack, North Face determined that attackers successfully hacked nearly 200,000 accounts using valid credentials, potentially obtaining customer information such as:
- Full name
- Purchase history
- Billing address
- Delivery address
- Phone number
- Account creation date
- XPLR Pass Reward Registrations
Fortunately, credit card data is not stored on the website. Thus, the attackers were unable to access sensitive financial data.
Credit card details, other financial data safe, says North Face
“We do not store a copy of payment card details on thenorthface.com. We only store a ‘token’ linked to your payment card, and only our third party payment card processor stores card details. of payment”, explains the firm in the infringement. notification.
Also Read: Data of Thousands of Taxpayers Compromised Due to IRS Mistake
“The token cannot be used to initiate a purchase anywhere other than thenorthface.com.”
In response to the security incident, VF Corporation (formerly Vanity Fair Mills), North Face’s parent company, is sending data breach notices to affected customers.
Additionally, all user passwords on northface.com have been reset and all payment card tokens on accounts accessed by unauthorized intruders have been removed.
New strong and unique passwords encouraged to prevent a similar incident from happening
Thus, affected customers with a user account on the website must enter a new password and re-enter payment card details to purchase an item.
These users should choose a unique and strong (long) password and avoid the convenience of credential recycling.
Additionally, if customers use the same passwords on other online platforms, they should immediately replace them with a unique site-specific password to prevent a similar incident from occurring.
Not the first data breach on North Face
This is the second time The North Face has reset passwords after a successful credential stuffing attack. The first attack took place in November 2020.
VF Corporation’s brands include Vans, Timberland, Eastpak, Kipling, Dickies and Napapijri, apart from The North Face. However, these other brands were apparently unaffected by this data breach or similar attacks.
Related Article: T-Mobile Data Breach 2021: 100M Users Exposed in Latest Hack, Is There a Solution?