Thousands of North Face customers accounts hacked, personal data stolen

The North Face jacket
(Image credit: Shutterstock.com / Kamil Zajaczkowski)

Outdoor clothing brand The North Face has been hit by a major cyberattack that has seen nearly 200,000 customer accounts hacked.

The company confirmed that its thenorthface.com website was impacted by a large-scale credential stuffing attack that has resulted in the hacking of 194,905 customer accounts.

The attackers were able to steal user email addresses and passwords, as well as personal information stored on user accounts - however it appears no payment or card data was affected.

North Face breach

The company is now contacting affected customers, informing them of the attack and instructing them to update their passwords immediately.

In a breach notification document, The North Face told customers that it had detected "unusual activity" on its website on August 11 2022. Following an investigation, it found had attackers had launched a credential stuffing attack against the website at some point between July 26 and August 19, 2022.

Credential stuffing attacks see criminals use login or authentication details such as email addresses and passwords taken from previous data breaches or leaks in an attempt to find other accounts to log in to.

In this case, The North Face confirmed the attackers would have been able to access details including full names, purchase history, billing and shipping addresses, telephone numbers and even gender.

Fortunately, no payment details were stored on the website, so all credit and debit card data remained safe.

"We do not keep a copy of payment card details on thenorthface.com. We only retain a "token" linked to your payment card, and only our third-party payment card processor keeps payment card details," the company noted.

"The token cannot be used to initiate a purchase anywhere other than on thenorthface.com."

Affected user accounts and passwords have been reset, with users instructed to pick strong and unique new passwords that are not used on any other websites or platforms.

Via BleepingComputer

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.