Major clothing retailers including Vans, Supreme and The North Face will not deliver their Christmas shipments on time after a disruptive ransomware cyber attack hit their parent company.
In a SEC filingVF Corporation (VF Corp.) said the data breach was first noticed on December 13, when threat actors disrupted its operations “by encrypting some IT systems.” VF Corp. further stated that the hackers “stole personal information from the company,” thereby hampering its ability to fulfill orders.
However, this does not mean that the brands will not be taking orders, as customers can still purchase goods from their favorite retailers, but the shipping calculator, which estimates exactly when purchases could arrive, is not working at the moment.
No names given
In a statement to the media, VF Corporation only issued a statement reiterating everything said to regulators. Therefore, at this time we do not know who the threat actors are, what malware they have used, what their demands are, or how much sensitive data they have managed to exfiltrate from the company's systems. We do not know what that data contains and whether it belongs to employees, customers or clients.
All we know at this point is that the attack will have a “material impact” on the operations of affected customers. “As the investigation into the incident is still ongoing, the full extent, nature and impact of the incident are not yet known,” the filing concluded.
Typically, ransomware groups steal valuable data that they can exchange for cryptocurrencies, either from victims or on the black market. If it's not proprietary data that could be useful to competitors, it's customer data like names, email addresses, social security numbers, or even payment information.
Through TechCrunch