Outdoor clothing brand The North Face has been hit by a major cyberattack that has seen nearly 200,000 customer accounts hacked.
The company confirmed that its thenorthface.com website was impacted by a large-scale credential stuffing attack that has resulted in the hacking of 194,905 customer accounts.
North Face breach
The company is now contacting affected customers, informing them of the attack and instructing them to update their passwords immediately.
In a breach notification document (opens in new tab), The North Face told customers that it had detected “unusual activity” on its website on August 11 2022. Following an investigation, it found had attackers had launched a credential stuffing attack against the website at some point between July 26 and August 19, 2022.
Credential stuffing attacks see criminals use login or authentication details such as email addresses and passwords taken from previous data breaches or leaks in an attempt to find other accounts to log in to.
In this case, The North Face confirmed the attackers would have been able to access details including full names, purchase history, billing and shipping addresses, telephone numbers and even gender.
Fortunately, no payment details were stored on the website, so all credit and debit card data remained safe.
“We do not keep a copy of payment card details on thenorthface.com. We only retain a “token” linked to your payment card, and only our third-party payment card processor keeps payment card details,” the company noted.
“The token cannot be used to initiate a purchase anywhere other than on thenorthface.com.”
Affected user accounts and passwords have been reset, with users instructed to pick strong and unique new passwords that are not used on any other websites or platforms.
Via BleepingComputer (opens in new tab)