The North Face warns customers of a credential-stuffing attack

June 5, 2025

The North Face, an outdoor apparel retailer, has issued a warning to customers after personal information was compromised in April through credential stuffing attacks on its website.

The company, owned by VF Corporation (which also owns Vans, Timberland, and Dickies), is a well-known American outdoor apparel and equipment company with over $3 billion in yearly revenue.

Recent reports indicate that its e-commerce accounts for over 42% of total sales, which may have attracted the threat actors.

 

The North Face faced off with hackers who utilised credential-stuffing tactics.

 

Credential stuffing, the tactic that allegedly compromised The North Face, occurs when fraudsters attempt to access user accounts through automated login attempts using stolen username-password pairs from previous data breaches.

This approach relies on “credential recycling,” in which users reuse the same credentials across many platforms. However, these attacks tend not to succeed against accounts secured by multi-factor authentication (MFA).

Meanwhile, the company has started notifying customers affected by the breach. A sample notice issued to the Vermont Attorney General confirms that the company was targeted in a credential stuffing attack on April 23, 2025.

The notice states that the company identified unusual activity on its website, thenorthface.com, and swiftly initiated an investigation.

Specifically, the notice revealed that, following a swift and comprehensive investigation, the company discovered that an attacker had carried out a minor credential-stuffing attack on its website on April 23, 2025.

The compromised information reportedly includes customers’ complete names, purchase histories, shipping addresses, email addresses, birthdates, and phone numbers.

The company stressed that payment details were not compromised since transactions are handled through an external provider; The North Face only keeps a token necessary to finalise transactions.

The parties concerned have contacted The North Face for more information, including the number of customers impacted by the breach, but had not received a reply by the time of publication.
