VF Corp Disrupted by Cyberattack, Online Operations Impacted

Share This Post

VF Corporation (NYSE: VFC), a company that owns and operates some of the biggest apparel and footwear brands, has been hit by a ransomware attack that included the theft of sensitive corporate and personal data.

In a filing with the SEC, VF Corp said the hackers disrupted business operations — including its ability to fulfill ecommerce orders — and hijacked data from the company, including personal data. 

The company did not provide additional details on the stolen data, or whether third-party customer data was exposed.

“[We are] working to bring the impacted portions of its IT systems back online and implement workarounds for certain offline operations with the aim of reducing disruption to its ability to serve its retail and brand e-commerce consumers and wholesale customers,” VF Corp said.

The mega-corporation, which owns brands that include The North Face, Vans, Timberland, Smartwool and Dickies, said its retail stores around the world remain open but warned that it is experiencing “certain operational disruptions.” 

VF Corporation is one of the world’s largest apparel, footwear and accessories companies, owning a portfolio of well-known global brands

VF Corp said consumers are still able to place orders on most of the brand e-commerce sites globally but the company’s ability to fulfill orders is currently impacted. 

The Denver, Colorado-based company noted that the full scope, nature and impact of the incident are not yet known and cautioned that it is “reasonably likely to continue to have a material impact on business operations until recovery efforts are completed.” 

VF Corporation is one of the world’s largest apparel, footwear and accessories companies and sells products in more than 100 countries. The company has revenue of more than $11.6 billion, with roughly 35,000 employees around the world and 1,265 owned retail stores.

Shares of the company are trading down nearly 9% at the time of publishing.

Advertisement. Scroll to continue reading.

News of the incident comes on the same day that the SEC’s new cyber incident disclosure requirements come into effect, requiring companies to disclose any “material breach” within four business days of discovering that the incident has material impact.

Related: MongoDB Confirms Hack, Says Customer Data Stolen

Related: Food Giant Kraft Heinz Targeted by Ransomware Group

Related: Delta Dental Says Breach Exposed 7 Million Customers

Related: Toyota Germany Customer Data Stolen in Ransomware Attack

This post was originally published on this site

More Articles
Article

Navigating SEC Regulations In Cybersecurity And Incident Response

Free video resource for cybersecurity professionals. As 2024 approaches, we all know how vital it is to keep up to date with regulatory changes that affect our work. We get it – it’s a lot to juggle, especially when you’re in the trenches working on an investigation, handling, and responding to incidents.
Article

BFU – Seeing is Believing

Oh no, the device is in BFU. This is the common reaction; a device needs extracting, and you find it in a BFU state. Often, there’s an assumption that a BFU extraction will only acquire basic information, but that isn’t always the case.

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .