www.theregister.com Open in urlscan Pro
104.18.5.22  Public Scan

URL: https://www.theregister.com/2024/01/19/vf_corp_ransomware_impact/
Submission: On January 19 via api from TR — Scanned from DE

Form analysis 2 forms found in the DOM

POST /CBW/custom

<form id="RegCTBWFAC" action="/CBW/custom" class="show_regcf_custom" method="POST">
  <h5>Manage Cookie Preferences</h5>
  <ul>
    <li>
      <label>
        <input type="checkbox" disabled="disabled" checked="checked" name="necessary" value="necessary">
        <strong>Necessary</strong>. <strong>Always active</strong>
      </label>
      <label for="accordion_necessary" class="accordion_toggler">Read more<img width="7" height="10" alt="" src="/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icon/arrow_down_grey.svg" class="accordion_arrow"></label>
      <div class="accordion">
        <input type="checkbox" id="accordion_necessary">
        <p class="accordion_info"> These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect. </p>
      </div>
    </li>
    <li>
      <label>
        <input type="checkbox" name="tailored_ads" value="tailored_ads">
        <strong>Tailored Advertising</strong>. </label>
      <label for="accordion_advertising_tailored_ads" class="accordion_toggler">Read more<img width="7" height="10" alt="" src="/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icon/arrow_down_grey.svg"
          class="accordion_arrow"></label>
      <div class="accordion">
        <input type="checkbox" id="accordion_advertising_tailored_ads">
        <p class="accordion_info"> These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers,
          and in some cases selecting advertisements that are based on your interests. </p>
      </div>
    </li>
    <li>
      <label>
        <input type="checkbox" name="analytics" value="analytics">
        <strong>Analytics</strong>. </label>
      <label for="accordion_analytics" class="accordion_toggler">Read more<img width="7" height="10" alt="" src="/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icon/arrow_down_grey.svg" class="accordion_arrow"></label>
      <div class="accordion">
        <input type="checkbox" id="accordion_analytics">
        <p class="accordion_info"> These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our
          sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance. </p>
      </div>
    </li>
  </ul> See also our <a href="https://www.theregister.com/Profile/cookies/">Cookie policy</a> and <a href="https://www.theregister.com/Profile/privacy/">Privacy policy</a>. <input type="submit" value="Accept Selected" class="reg_btn_primary"
    name="accept" id="RegCTBWFBAC">
</form>

POST /CBW/all

<form id="RegCTBWFAA" action="/CBW/all" method="POST" class="hide_regcf_custom">
  <input type="submit" value="Accept All Cookies" name="accept" class="reg_btn_primary" id="RegCTBWFBAA">
</form>

Text Content

Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We
measure how many people read us, and ensure you see relevant ads, by storing
cookies on your device. If you're cool with that, hit “Accept all Cookies”. For
more info and to customize your settings, hit “Customize Settings”.

REVIEW AND MANAGE YOUR CONSENT

Here's an overview of our use of cookies, similar technologies and how to manage
them. You can also change your choices at any time, by hitting the “Your Consent
Options” link on the site's footer.

MANAGE COOKIE PREFERENCES

 * Necessary. Always active Read more
   
   These cookies are strictly necessary so that you can navigate the site as
   normal and use all features. Without these cookies we cannot provide you with
   the service that you expect.

 * Tailored Advertising. Read more
   
   These cookies are used to make advertising messages more relevant to you.
   They perform functions like preventing the same ad from continuously
   reappearing, ensuring that ads are properly displayed for advertisers, and in
   some cases selecting advertisements that are based on your interests.

 * Analytics. Read more
   
   These cookies collect information in aggregate form to help us understand how
   our websites are being used. They allow us to count visits and traffic
   sources so that we can measure and improve the performance of our sites. If
   people say no to these cookies, we do not know how many people have visited
   and we cannot monitor performance.

See also our Cookie policy and Privacy policy.
Customize Settings


Sign in / up




TOPICS

Security


SECURITY

All SecurityCyber-crimePatchesResearchCSO (X)
Off-Prem


OFF-PREM

All Off-PremEdge + IoTChannelPaaS + IaaSSaaS (X)
On-Prem


ON-PREM

All On-PremSystemsStorageNetworksHPCPersonal TechCxOPublic Sector (X)
Software


SOFTWARE

All SoftwareAI + MLApplicationsDatabasesDevOpsOSesVirtualization (X)
Offbeat


OFFBEAT

All OffbeatDebatesColumnistsScienceGeek's GuideBOFHLegalBootnotesSite NewsAbout
Us (X)
Special Features


SPECIAL FEATURES

All Special Features Cloud Infrastructure Week Cybersecurity Month Blackhat and
DEF CON Sysadmin Month The Reg in Space Emerging Clean Energy Tech Week
Spotlight on RSA Energy Efficient Datacenters


VENDOR VOICE

Vendor Voice


VENDOR VOICE

All Vendor Voice Amazon Web Services (AWS) Business Transformation Google Cloud
Infrastructure Hewlett Packard Enterprise: AI & ML solutions Hewlett Packard
Enterprise: Edge-to-Cloud Platform Intel vPro VMware (X)
Resources


RESOURCES

Whitepapers Webinars & Events Newsletters


CYBER-CRIME

2


THIEVES STEAL 35.5M CUSTOMERS’ DATA FROM VANS SNEAKERS MAKER

2


BUT WHAT KIND OF INFO WAS ACTUALLY COMPROMISED? NONE OF YOUR BUSINESS

Connor Jones
Fri 19 Jan 2024 // 13:56 UTC




VF Corporation, parent company of clothes and footwear brands including Vans and
North Face, says 35.5 million customers were impacted in some way when criminals
broke into their systems in December.

The announcement was made in a Thursday 8-K/A filing with the Securities and
Exchange Commission (SEC), and we're only left to speculate about what kind of
information the attackers may have scrambled away with.

The parent company of fashion labels, which also include Supreme, Timberland,
and Dickies did, however, confirm the type of data that couldn't have been
accessed.



VF Corp said that customers' social security numbers (SSNs), bank account
information, and payment card information remain uncompromised as these are not
stored in its IT systems.




There's also no evidence to suggest that consumer passwords were accessed, it
confirmed, although it did caveat this with "the investigation remains ongoing".

If you want to really look between the lines of the document's wording, you'll
see that VF Corp explicitly said SSNs, financial information, and passwords –
all excluded from potential compromise – were all explicitly defined as being
consumer-related specifically.



The same goes for the number of individuals affected – 35.5 million "individual
consumers" had their personal information stolen.

Neither its original breach disclosure filing nor this week's update mentioned
compromised data related to staff, business partners, or other stakeholders. The
Register requested a statement from VF Corp but had not received a response by
the time of publishing.

As for the operational disruption the attack caused, VF Corp said IT systems
have been "substantially restored" and its businesses are now operating with
minimal disruption.



When the attack was first disclosed, the clothes seller said its ability to
fulfill orders was affected, but online and retail stores were still up and
running as normal.

 * IT consultant fined for daring to expose shoddy security
 * JPMorgan exec claims bank repels 45 billion cyberattack attempts per day
 * Future of America's Cyber Safety Review Board hangs in balance amid calls for
   rethink
 * Ransomware attacks hospitalizing security pros, as one admits suicidal
   feelings

This week's filing said the company's ability to replenish retail stores'
inventory was affected and combined with the fulfillment issues. This led to
customer order cancellations and reduced demand across some of its brands'
e-commerce sites.

"Since the filing of the original report, while VF is still experiencing minor
residual impacts from the cyber incident, VF has resumed retail store inventory
replenishment and product order fulfillment, and is caught up on fulfilling
orders that were delayed as a result of the cyber incident," the filing reads. 

"Since the filing of the original report, VF has substantially restored the IT
systems and data that were impacted by the cyber incident, but continues to work
through minor operational impacts."

The attack on VF Corp is suspected to have involved ransomware. The filings
mention parts of its IT systems being encrypted, and the AlphV/BlackCat gang
claimed the attack days after its disclosure, but the company has not confirmed
this to be the case.

That being said, it wouldn't be the first ransomware victim to carefully massage
the wording of its disclosures so as to avoid the dreaded R word.

The practice is commonplace in the industry and reached its peak last year when
Minneapolis Public Schools notoriously referred to its attack, later claimed by
the Medusa ransomware gang, as an "encryption event." ®

Get our Tech Resources

Share



MORE ABOUT

 * Cybercrime
 * Cybersecurity
 * Data Breach

More like these
×


MORE ABOUT

 * Cybercrime
 * Cybersecurity
 * Data Breach
 * Ransomware


NARROWER TOPICS

 * NCSC
 * REvil
 * RSA Conference
 * Wannacry


BROADER TOPICS

 * Security

MORE ABOUT

Share


2 COMMENTS

MORE ABOUT

 * Cybercrime
 * Cybersecurity
 * Data Breach

More like these
×


MORE ABOUT

 * Cybercrime
 * Cybersecurity
 * Data Breach
 * Ransomware


NARROWER TOPICS

 * NCSC
 * REvil
 * RSA Conference
 * Wannacry


BROADER TOPICS

 * Security

TIP US OFF

Send us news

--------------------------------------------------------------------------------


OTHER STORIES YOU MIGHT LIKE

CYBERCROOKS PLAY DRESS-UP AS 'HELPFUL' RESEARCHERS IN LATEST RANSOMWARE RUSE

Posing as cyber samaritans, scumbags are kicking folks when they're down
Cyber-crime9 days | 2

RANSOMWARE ATTACKS HOSPITALIZING SECURITY PROS, AS ONE ADMITS SUICIDAL FEELINGS

Untold harms of holding the corporate perimeter revealed in extensive series of
interviews
Cyber-crime23 hrs | 2

AS LAWMAKERS MULL OUTLAWING POOR SECURITY, WHAT CAN THEY REALLY DO TO TACKLE
ONLINE GANGS?

Comment Headline-grabbing takedowns are nice, but long-term solutions require
short-term sacrifices
Cyber-crime15 days | 19

TURBO-CHARGING THE WLAN WITH WI-FI 7

New Huawei AP designed to boost speed, access and efficiency in campus wireless
networks
Sponsored Feature


BRITISH LIBRARY: FINANCES REMAIN HEALTHY AS RANSOMWARE RECOVERY CONTINUES

Authors continue to lose out on owed payments as rebuild of digital services
drags on
Cyber-crime11 days | 16

BREACHFORUMS BOSS BUSTED FOR BOND BLUNDERS – INCLUDING USING A VPN

Fitzpatrick faces potentially decades in prison later this month, so may as well
get some foreign Netflix in beforehand
Cyber-crime14 days | 2

COPY THAT? XEROX CONFIRMS 'SECURITY INCIDENT' AT SUBSIDIARY

Company’s removal from ransomware gang’s leak blog could mean negotiations
underway
Cyber-crime16 days |

AND THAT'S A WRAP FOR BABUK TORTILLA RANSOMWARE AS FREE DECRYPTOR RELEASED

Experts' job made 'straightforward' by crooks failing to update encryption
schema after three years
Research10 days | 3

RANSOMWARE PAYMENT BAN: WRONG IDEA AT THE WRONG TIME

Opinion Won't stop the chaos, may lead to attacks with more dire consequences
CSO13 days | 128

COURT HEARINGS BECOME RANSOMWARE CONCERN AFTER JUSTICE SYSTEM BREACH

From legal proceedings to potential YouTube fodder
Cyber-crime17 days | 6

FORMAL BAN ON RANSOMWARE PAYMENTS? ASKING ORGS NICELY TO NOT COUGH UP AIN'T
WORKING

With the average demand hitting $1.5 million, something's gotta change
Security16 days | 72

SHINYHUNTERS CHIEF PHISHERMAN GETS 3 YEARS, MUST COUGH UP $5M

Sebastien Raoult developed various credential-harvesting websites over more than
2 years
Cyber-crime9 days | 5


The Register Biting the hand that feeds IT

ABOUT US

 * Contact us
 * Advertise with us
 * Who we are

OUR WEBSITES

 * The Next Platform
 * DevClass
 * Blocks and Files

YOUR PRIVACY

 * Cookies Policy
 * Your Consent Options
 * Privacy Policy
 * T's & C's

Copyright. All rights reserved © 1998–2024