Vans Owner VF Corp. Hit by Cyberattack, Holiday Order Fulfillment Impacted
On Monday, VF Corporation, the U.S.-based owner of apparel brands including Vans, Supreme, and The North Face, confirmed a cyberattack has impacted the company’s ability to fulfill orders ahead of Christmas, reports TechCrunch. The company first detected the attack on Dec. 13, according to a filing with federal regulators. Hackers disrupted the company’s operations “by encrypting some IT systems, and stole data from the company, including personal data,” implying a ransomware attack. VF Corp. hasn't yet said how it was compromised, what kinds of data was accessed, and how many individuals — whether employees, customers, or both — are affected by the breach. It’s also not known who was behind the attack, which hasn't yet been claimed by any tracked ransomware group. The company said the breach has affected its ability to fulfill orders, but customers will still be able to place them online and shop in stores globally.
Total Retail's Take: Cyber attacks are major threats to retailers and brands year-round, but especially during the holiday season. VF Corp. is suffering a major blow to its business, specifically its ability to deliver holiday gifts to customers on time, but that may be just the tip of the iceberg. The full scope of the attack is still not known, and it will likely continue to have a material impact until recovery efforts are complete, the company said. VF Corp. added that it was not yet able to determine whether the company's financial condition would also take a hit. Shares of the company were down more than 7 percent on Monday.
VF Corp. disclosed the incident on the same day that the U.S. Securities and Exchange Commission’s new data breach disclosure rules came into effect. This regulation means that organizations must report cybersecurity incidents, including data breaches, to the federal government’s securities regulator within four business days. VF Corp. is the latest major company to be hit a by cyberattack that disrupted company operations. Caesars and MGM were hacked by the same cybercrime group earlier this year, resulting in Caesars paying $15 million in ransom, and Clorox was hit by a breach that prevented the company from keeping its items on store shelves earlier this year.
Kristina Stidham is the digital content director at Total Retail and sister brands Women in Retail Leadership Circle and Women Leading Travel & Hospitality at NAPCO Media. She is passionate about digital media and handles video, podcast and virtual event production for all brands. You can often find her at WIRLC, TR, WLT&H or industry events with her camera and podcasting equipment—or at home on Zoom—recording interviews with thought leaders and business executives.
Kristina holds a B.A. in Media Studies and Production from the Temple University Klein College of Media and Communication in Philadelphia. Go Owls! When she's not in the office, she loves to go on long walks, sing around the house, hangout with her family and two pet guinea pigs, and travel to new places.