Vans, Dickies Owner VF Corp: Data of 35.5M Consumers Stolen in Recent Cyberattack
Apparel and footwear company VF Corp. disclosed last week that the personal data of about 35.5 million consumers were stolen as part of a December 2023 cyberattack.
According to a Jan. 18 filing with the U.S. Securities and Exchange Commission, the company—whose brands include Vans, The North Face, Timberland, Dickies, JanSport and Supreme—said all of its retail and online stores are operating with minimal issues after it needed to shut down some information technology systems due to the cyber incident detected on Dec. 13.
Related: Vans Owner VF Corp’s Order Fulfillment Operations Hit by Cyber Incident
VF said the hacker or hackers were “ejected” from its systems on Dec. 15. It has notified federal law enforcement and relevant regulatory authorities. No customer social security numbers, bank account, or payment card information is retained in its IT systems, VF said, adding that an investigation has not revealed any evidence that consumer passwords were acquired.
The company said it “will be seeking reimbursement of costs, expenses and losses stemming from the cyber incident by submitting claims” to its cyber insurers. VF had disruption to its operations, such as store replenishment, order fulfillment, and wholesale shipments as well as reduce demand on certain online sites. VF said it is “still experiencing minor residual impacts from the cyber incident.”
Personal data can include name, address, date of birth, and phone number. VF’s filing did not detail the type of personal data stolen.
- Congo Sues Apple Alleging ‘Pillaged’ Minerals in Products
- Report: Wearable Technology May Help Workers’ Comp Insurers Reduce Claims
- Grubhub to Pay $25M for Misleading Customers, Restaurants, Drivers
- Report: Millions of Properties May be Underinsured Due to Multiple Undetected Structures