VF Corp., owner of Vans and Supreme, reports data breach and disrupted orders in suspected ransomware attack | GVS – Global Village Space | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

VF Corporation, the U.S.-based owner of popular apparel brands such as Vans, Supreme, and The North Face, has recently confirmed that it has fallen victim to a cyberattack. The attack has significantly impacted the company’s ability to fulfill orders just ahead of Christmas, which is one of the busiest retail events of the year.

The Cyberattack and its Impact

In a filing with federal regulators, VF Corporation, headquartered in Denver, Colorado, revealed that it first detected the cyberattack on December 13. Hackers disrupted the company’s operations by encrypting some of its IT systems and stealing data, including personal information. This suggests that the attack was a ransomware incident.

As a result of the cyberattack, VF Corporation is currently experiencing operational disruptions, specifically in fulfilling customer orders. Customers attempting to place orders on the Vans website are being met with a message stating that estimated delivery dates are incorrect due to logistical disruption. Customers will be notified via email when their items ship and can track them with the shipper.

Current Status and Response

VF Corp. has confirmed that its retail stores worldwide remain open, and consumers can still purchase available merchandise online. However, it remains unclear when orders will be able to ship, as the company has not provided a specific timeline. When contacted for further information, a company spokesperson echoed the filing with regulators but did not address specific questions or confirm whether a ransom demand had been received.

At present, VF Corporation has not disclosed details about how the cyberattack occurred, what types of data were accessed, or the number of individuals affected by the breach. The identity of the hackers responsible for the attack also remains unknown, as no ransomware group has claimed responsibility.

Material Impact and Regulatory Compliance

In its regulatory filing, VF Corp. warned that the cyberattack would have a “material impact” on its business until its systems are fully recovered. The company stated that the investigation into the incident is ongoing, and therefore, the full scope, nature, and impact of the attack are yet to be determined.

It is worth noting that VF Corp. disclosed the cyberattack on the same day that the U.S. Securities and Exchange Commission’s new data breach disclosure rules came into effect. These regulations require organizations to report cybersecurity incidents, including data breaches, to the federal government’s securities regulator within four business days.

As VF Corporation works towards resolving the cyberattack and restoring its operations, customers and industry observers await further updates regarding the impact on order fulfillment and the steps taken to enhance cybersecurity measures.


Click Here For The Original Source.

National Cyber Security