North Face, Vans, Timberland manufacturer VF Corp says cyberattack impacting holiday orders

A suspected ransomware attack on VF Corp – manufacturer of popular lifestyle brands The North Face, Vans, Timberland, and more – has disrupted global business operations during the final holiday shopping rush.

VF Corp, one of the world’s largest apparel, footwear and accessories companies, confirmed to Cybernews it had first “detected unauthorized occurrences on a portion of its information technology (IT) systems” on December 13th.

A company spokesperson said IT teams immediately shut some of its systems down to try and contain the damage.

A preliminary investigation found the “threat actor” was able to encrypt some systems and steal sensitive information, including some personal data, according to the VF Corp spokesperson.

It's not clear exactly what information has been compromised or how much.

Besides The North Face outerwear and Vans sneakers, VF Corp is the parent company of ten other global brands, including Timberland, Dickies, Smartwool, Kipling, Jansport, and Eastpak.

A blow for holiday sales, the manufacturer said although “orders can be placed online for most brand sites,” the disruptions have affected the Company’s ability to fulfill global customer orders.

“At this time, VF-operated retail stores globally are open, and currently, consumers can purchase available merchandise, but VF is experiencing certain operational disruptions,” the VF Corp spokesperson said.

“The Company is working to bring the impacted portions of its IT systems back online and implement workarounds for certain offline operations with the aim of reducing disruption to its ability to serve its retail and brand e-commerce consumers and wholesale customers,” they said.

Lior Yaari, CEO and co-founder of Grip Security, said it's likely that some of the brands that make up VF Corporation are likely impacted more than others.

“VF Corporation’s IT environment is probably very challenging because they grew by acquiring a number of different companies over time,” Yaari explained.

“This creates a complex IT environment because each company has its own set of apps and technologies. The internal workflows and policies also differ, creating a complex environment,” he added.

Yaari said implementing a more consistent set of IT policies and technologies across its brands may help VF Corp prevent future ransomware attacks.

VF Corp filed a breach notice with the SEC stating the incident will likely continue to have a material impact on business operations, but potential financial damages have not been determined.

The company said it has brought in cybersecurity experts to help mitigate and notified federal law enforcement.

“The Company will continue to review its security measures to look for opportunities to strengthen resiliency in an ever-evolving threat landscape,” it said.

Founded in 1899 and headquartered in Denver, the publicly traded company has more than 1265 retail stores, 35 thousand employees worldwide, and a revenue of $11 billion, according to its website.

So far, no ransomware group has claimed the suspected attack.