News and Updates on Information Technology

United States – The North Face

Exploit: Credential Stuffing
The North Face: Outdoor Apparel Retailer

Risk to Small Business: 2.322 = Severe

Hackers mounted a successful attack against outdoor retailer The North Face, capturing an unknown amount of client data in the process. While retail operations were not disrupted, the company has released a caution to customers about the incident.

Individual Risk: 2.711 = Moderate

The company noted that the breach includes “products you have purchased on our website, products you have saved to your ‘favorites,’ your billing address, your shipping address(es), your VIPeak customer loyalty point total, your email preferences, your first and last name, your birthday (if you saved it to your account), and your telephone number (if you saved it to your account)”. Payment information was stored separately and more securely and not impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Credential stuffing attacks have gained new fuel from a bountiful harvest of Dark Web data dumps adding fresh ammo for cybercrime.