Connect with us

Hi, what are you looking for?


Data Breaches

VF Corp Says Data Breach Resulting From Ransomware Attack Impacts 35 Million

Apparel and footwear brands owner VF Corp shares more details on the impact of a December 2023 ransomware attack.

VF Corp Cyberattack

The personal information of 35.5 million customers was stolen in a ransomware attack in December 2023, apparel and footwear brands owner and operator VF Corporation revealed on Thursday.

In mid-December, the Denver, Colorado-based company, which owns brands such as Dickies, The North Face, Smartwool, Timberland, and Vans, announced that it took certain systems offline in response to a ransomware attack that impacted its operations.

Right from the start, VF Corp said that the attackers were able to access certain corporate and personal information, and that a material impact from the incident was expected.

In a January 18 Form 8-K filing with the Securities and Exchange Commission (SEC), the company revealed that the hackers stole the personal information of approximately 35.5 million individual consumers.

While it did not specify what type of information was compromised in the data breach, VF Corp pointed out that it does not store Social Security numbers, bank account information, and payment card details, and that it has found no evidence that customer passwords were stolen.

The company also said that “the threat actor was ejected from VF’s IT systems on December 15, 2023,” and that it has since restored all impacted systems, albeit it continues to experience some minor operational impact.

Following the shut down of systems to contain the attack, the company was unable to replenish retail store inventory and order fulfillment was delayed, which resulted in order cancellations, reduced demand on certain web stores, and the delay of some wholesale shipments.

VF Corp retail stores, brand e-commerce websites, and distribution centers are currently operating with minimal issues, the company said.

Advertisement. Scroll to continue reading.

“While VF is still experiencing minor residual impacts from the cyber incident, VF has resumed retail store inventory replenishment and product order fulfillment, and is caught up on fulfilling orders that were delayed as a result of the cyber incident,” the company also noted.

VF also said that it expects the attack to have no other material impact than “the material impacts on VF’s business operations” disclosed in December and the incident might not influence its financial condition and results of operations.

Related: HMG Healthcare Says Data Breach Impacts 40 Facilities

Related: Law Firm Orrick Reveals Extensive Data Breach, Over Half a Million Affected

Related: 4.5 Million Individuals Affected by Data Breach at HealthEC

Written By

Ionut Arghire is an international correspondent for SecurityWeek.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.