www.theregister.com
Open in
urlscan Pro
104.18.5.22
Public Scan
URL:
https://www.theregister.com/2024/01/19/vf_corp_ransomware_impact/
Submission: On January 19 via api from TR — Scanned from DE
Submission: On January 19 via api from TR — Scanned from DE
Form analysis
2 forms found in the DOMPOST /CBW/custom
<form id="RegCTBWFAC" action="/CBW/custom" class="show_regcf_custom" method="POST">
<h5>Manage Cookie Preferences</h5>
<ul>
<li>
<label>
<input type="checkbox" disabled="disabled" checked="checked" name="necessary" value="necessary">
<strong>Necessary</strong>. <strong>Always active</strong>
</label>
<label for="accordion_necessary" class="accordion_toggler">Read more<img width="7" height="10" alt="" src="/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icon/arrow_down_grey.svg" class="accordion_arrow"></label>
<div class="accordion">
<input type="checkbox" id="accordion_necessary">
<p class="accordion_info"> These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect. </p>
</div>
</li>
<li>
<label>
<input type="checkbox" name="tailored_ads" value="tailored_ads">
<strong>Tailored Advertising</strong>. </label>
<label for="accordion_advertising_tailored_ads" class="accordion_toggler">Read more<img width="7" height="10" alt="" src="/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icon/arrow_down_grey.svg"
class="accordion_arrow"></label>
<div class="accordion">
<input type="checkbox" id="accordion_advertising_tailored_ads">
<p class="accordion_info"> These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers,
and in some cases selecting advertisements that are based on your interests. </p>
</div>
</li>
<li>
<label>
<input type="checkbox" name="analytics" value="analytics">
<strong>Analytics</strong>. </label>
<label for="accordion_analytics" class="accordion_toggler">Read more<img width="7" height="10" alt="" src="/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icon/arrow_down_grey.svg" class="accordion_arrow"></label>
<div class="accordion">
<input type="checkbox" id="accordion_analytics">
<p class="accordion_info"> These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our
sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance. </p>
</div>
</li>
</ul> See also our <a href="https://www.theregister.com/Profile/cookies/">Cookie policy</a> and <a href="https://www.theregister.com/Profile/privacy/">Privacy policy</a>. <input type="submit" value="Accept Selected" class="reg_btn_primary"
name="accept" id="RegCTBWFBAC">
</form>
POST /CBW/all
<form id="RegCTBWFAA" action="/CBW/all" method="POST" class="hide_regcf_custom">
<input type="submit" value="Accept All Cookies" name="accept" class="reg_btn_primary" id="RegCTBWFBAA">
</form>
Text Content
Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”. REVIEW AND MANAGE YOUR CONSENT Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer. MANAGE COOKIE PREFERENCES * Necessary. Always active Read more These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect. * Tailored Advertising. Read more These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests. * Analytics. Read more These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance. See also our Cookie policy and Privacy policy. Customize Settings Sign in / up TOPICS Security SECURITY All SecurityCyber-crimePatchesResearchCSO (X) Off-Prem OFF-PREM All Off-PremEdge + IoTChannelPaaS + IaaSSaaS (X) On-Prem ON-PREM All On-PremSystemsStorageNetworksHPCPersonal TechCxOPublic Sector (X) Software SOFTWARE All SoftwareAI + MLApplicationsDatabasesDevOpsOSesVirtualization (X) Offbeat OFFBEAT All OffbeatDebatesColumnistsScienceGeek's GuideBOFHLegalBootnotesSite NewsAbout Us (X) Special Features SPECIAL FEATURES All Special Features Cloud Infrastructure Week Cybersecurity Month Blackhat and DEF CON Sysadmin Month The Reg in Space Emerging Clean Energy Tech Week Spotlight on RSA Energy Efficient Datacenters VENDOR VOICE Vendor Voice VENDOR VOICE All Vendor Voice Amazon Web Services (AWS) Business Transformation Google Cloud Infrastructure Hewlett Packard Enterprise: AI & ML solutions Hewlett Packard Enterprise: Edge-to-Cloud Platform Intel vPro VMware (X) Resources RESOURCES Whitepapers Webinars & Events Newsletters CYBER-CRIME 2 THIEVES STEAL 35.5M CUSTOMERS’ DATA FROM VANS SNEAKERS MAKER 2 BUT WHAT KIND OF INFO WAS ACTUALLY COMPROMISED? NONE OF YOUR BUSINESS Connor Jones Fri 19 Jan 2024 // 13:56 UTC VF Corporation, parent company of clothes and footwear brands including Vans and North Face, says 35.5 million customers were impacted in some way when criminals broke into their systems in December. The announcement was made in a Thursday 8-K/A filing with the Securities and Exchange Commission (SEC), and we're only left to speculate about what kind of information the attackers may have scrambled away with. The parent company of fashion labels, which also include Supreme, Timberland, and Dickies did, however, confirm the type of data that couldn't have been accessed. VF Corp said that customers' social security numbers (SSNs), bank account information, and payment card information remain uncompromised as these are not stored in its IT systems. There's also no evidence to suggest that consumer passwords were accessed, it confirmed, although it did caveat this with "the investigation remains ongoing". If you want to really look between the lines of the document's wording, you'll see that VF Corp explicitly said SSNs, financial information, and passwords – all excluded from potential compromise – were all explicitly defined as being consumer-related specifically. The same goes for the number of individuals affected – 35.5 million "individual consumers" had their personal information stolen. Neither its original breach disclosure filing nor this week's update mentioned compromised data related to staff, business partners, or other stakeholders. The Register requested a statement from VF Corp but had not received a response by the time of publishing. As for the operational disruption the attack caused, VF Corp said IT systems have been "substantially restored" and its businesses are now operating with minimal disruption. When the attack was first disclosed, the clothes seller said its ability to fulfill orders was affected, but online and retail stores were still up and running as normal. * IT consultant fined for daring to expose shoddy security * JPMorgan exec claims bank repels 45 billion cyberattack attempts per day * Future of America's Cyber Safety Review Board hangs in balance amid calls for rethink * Ransomware attacks hospitalizing security pros, as one admits suicidal feelings This week's filing said the company's ability to replenish retail stores' inventory was affected and combined with the fulfillment issues. This led to customer order cancellations and reduced demand across some of its brands' e-commerce sites. "Since the filing of the original report, while VF is still experiencing minor residual impacts from the cyber incident, VF has resumed retail store inventory replenishment and product order fulfillment, and is caught up on fulfilling orders that were delayed as a result of the cyber incident," the filing reads. "Since the filing of the original report, VF has substantially restored the IT systems and data that were impacted by the cyber incident, but continues to work through minor operational impacts." The attack on VF Corp is suspected to have involved ransomware. The filings mention parts of its IT systems being encrypted, and the AlphV/BlackCat gang claimed the attack days after its disclosure, but the company has not confirmed this to be the case. That being said, it wouldn't be the first ransomware victim to carefully massage the wording of its disclosures so as to avoid the dreaded R word. The practice is commonplace in the industry and reached its peak last year when Minneapolis Public Schools notoriously referred to its attack, later claimed by the Medusa ransomware gang, as an "encryption event." ® Get our Tech Resources Share MORE ABOUT * Cybercrime * Cybersecurity * Data Breach More like these × MORE ABOUT * Cybercrime * Cybersecurity * Data Breach * Ransomware NARROWER TOPICS * NCSC * REvil * RSA Conference * Wannacry BROADER TOPICS * Security MORE ABOUT Share 2 COMMENTS MORE ABOUT * Cybercrime * Cybersecurity * Data Breach More like these × MORE ABOUT * Cybercrime * Cybersecurity * Data Breach * Ransomware NARROWER TOPICS * NCSC * REvil * RSA Conference * Wannacry BROADER TOPICS * Security TIP US OFF Send us news -------------------------------------------------------------------------------- OTHER STORIES YOU MIGHT LIKE CYBERCROOKS PLAY DRESS-UP AS 'HELPFUL' RESEARCHERS IN LATEST RANSOMWARE RUSE Posing as cyber samaritans, scumbags are kicking folks when they're down Cyber-crime9 days | 2 RANSOMWARE ATTACKS HOSPITALIZING SECURITY PROS, AS ONE ADMITS SUICIDAL FEELINGS Untold harms of holding the corporate perimeter revealed in extensive series of interviews Cyber-crime23 hrs | 2 AS LAWMAKERS MULL OUTLAWING POOR SECURITY, WHAT CAN THEY REALLY DO TO TACKLE ONLINE GANGS? Comment Headline-grabbing takedowns are nice, but long-term solutions require short-term sacrifices Cyber-crime15 days | 19 TURBO-CHARGING THE WLAN WITH WI-FI 7 New Huawei AP designed to boost speed, access and efficiency in campus wireless networks Sponsored Feature BRITISH LIBRARY: FINANCES REMAIN HEALTHY AS RANSOMWARE RECOVERY CONTINUES Authors continue to lose out on owed payments as rebuild of digital services drags on Cyber-crime11 days | 16 BREACHFORUMS BOSS BUSTED FOR BOND BLUNDERS – INCLUDING USING A VPN Fitzpatrick faces potentially decades in prison later this month, so may as well get some foreign Netflix in beforehand Cyber-crime14 days | 2 COPY THAT? XEROX CONFIRMS 'SECURITY INCIDENT' AT SUBSIDIARY Company’s removal from ransomware gang’s leak blog could mean negotiations underway Cyber-crime16 days | AND THAT'S A WRAP FOR BABUK TORTILLA RANSOMWARE AS FREE DECRYPTOR RELEASED Experts' job made 'straightforward' by crooks failing to update encryption schema after three years Research10 days | 3 RANSOMWARE PAYMENT BAN: WRONG IDEA AT THE WRONG TIME Opinion Won't stop the chaos, may lead to attacks with more dire consequences CSO13 days | 128 COURT HEARINGS BECOME RANSOMWARE CONCERN AFTER JUSTICE SYSTEM BREACH From legal proceedings to potential YouTube fodder Cyber-crime17 days | 6 FORMAL BAN ON RANSOMWARE PAYMENTS? ASKING ORGS NICELY TO NOT COUGH UP AIN'T WORKING With the average demand hitting $1.5 million, something's gotta change Security16 days | 72 SHINYHUNTERS CHIEF PHISHERMAN GETS 3 YEARS, MUST COUGH UP $5M Sebastien Raoult developed various credential-harvesting websites over more than 2 years Cyber-crime9 days | 5 The Register Biting the hand that feeds IT ABOUT US * Contact us * Advertise with us * Who we are OUR WEBSITES * The Next Platform * DevClass * Blocks and Files YOUR PRIVACY * Cookies Policy * Your Consent Options * Privacy Policy * T's & C's Copyright. All rights reserved © 1998–2024