VF Corp, the manufacturer of popular brands such as The North Face, Vans, Timberland, and more, was claimed by the embattled ALPHV ransomware cartel.
The cyberattack on VF Corp, one of the world’s largest apparel, footwear, and accessories companies, was likely the work of a Russia-linked ransomware gang, ALPHV, as it posted the victim on its dark web blog.
Earlier this month, VF Corp. confirmed to Cybernews the company “detected unauthorized occurrences on a portion of its information technology (IT) systems” on December 13th. A company spokesperson said IT teams had to shut down some of its systems to contain the damage.
The crooks’ post discussing the attack is unusually lengthy, lambasting VF Corp. for going to the FBI after news of the feds seizing some of the ALPHV’s infrastructure broke. As further proof of the damage the brush with law enforcement had on ALPHV, the gang said VF Corp. tried obtaining a decryptor from law enforcement to combat the gang’s malware.
A decryptor serves as a key to any ransomware gang’s malicious software, ransomware, which encrypts files on the victim’s system and, in some cases, backups.
Several experts that Cybernews has discussed ALPHV’s law enforcement problems with stressed that the release of a decryptor for ALPHV’s ransomware not only nullified at least some of the gang’s affiliate’s time spent extorting victims but also showed that the gang is far from invincible.
Earlier this month, VF Corp filed a breach notice with the SEC stating the incident will likely continue to have a material impact on business operations. Still, potential financial damages have not been determined.
Founded in 1899 and headquartered in Denver, the publicly traded company has more than 1265 retail stores, 35 thousand employees worldwide, and a revenue of $11 billion, according to its website.
Meanwhile, ALPHV has grown into one of the most prominent ransomware cartels of recent years. Most notably, the gang was behind the September ransomware attacks on the Las Vegas casino giants MGM Resorts and Caesars International, who are rumored to have paid a $15 million ransom to keep operations running.
More from Cybernews:
Subscribe to our newsletter