Skip to main content
close search
site logo
Dive Brief

VF Corp. cyberattack impacted 35.5M consumers

The North Face and Vans parent company originally reported the incident at the height of the holiday season.

Published Jan. 23, 2024
Kaarin Moore's headshot
Senior Editor
A closeup of a white "Vans" sign, below a red-trimmed window, reflecting a blue-gray sky.
A Vans sign. Parent company VF Corp. is in the middle of a transformation program meant to bolster sales as some of its brands falter. Daphne Howland/Cybersecurity Dive

First published on

Retail Dive

Dive Brief:

  • VF Corp. estimates that a cyberattack the company reported in December impacted 35.5 million consumers, according to new documents filed with the U.S. Securities and Exchange Commission last week.
  • While personal data was stolen, VF Corp. emphasized that it doesn’t retain or collect social security numbers, bank account information or payment card information. 
  • At the time of the incident the company experienced disruption to some of its operations, but the company’s stores, e-commerce sites and distribution centers are now operating “with minimal issues,” the company said.

Dive Insight:

Vans and The North Face parent company VF Corp. released more information regarding a cyber incident it reported at the height of the holiday season. 

At that time, the company said that customers could place orders on most of its brands’ e-commerce sites globally, but its ability to fulfill the orders was impacted. 

When VF Corp. discovered the incident, it shut down a number of its systems, disrupting operations. Some customers canceled orders, wholesale shipments saw delays and the company experienced reduced demand. However, the company believes cyberattack is unlikely to have a material impact on its finances.

VF Corp. is seeking reimbursement of costs, expenses and losses from its insurers.

The company is in the middle of a transformation program meant to bolster sales as some of its brands falter. The company recently cut around 500 jobs globally in order to give it “the financial flexibility to invest behind our brands and better position us for long term growth,” according to a statement at the time of the layoffs. This past fall saw activist investors calling for hundreds of millions of dollars in cost cuts and a board shakeup.

Filed Under: Breaches, Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
DigiCert Welcomes Lakshmi Hanspal as New Chief Trust Officer
From DigiCert
October 24, 2024
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
Abbott Laboratories Employees Credit Union (“ALEC”) Data Breach Investigation
From Migliaccio and Rathod LLP
October 21, 2024
Torus Unveils Integrated Energy Storage and AI-Driven Cybersecurity Solutions
From Torus
October 24, 2024
Editors' picks
Latest in Breaches
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell