The North Face website suffered a credential stuffing attack | Security Affairs

Retail giant The North Face has reset passwords for a number of its customers in response to a successful credential stuffing attack.

Retail giant The North Face was forced to reset the passwords of some of its customers after a successful attack on October 8th and 9th.

Credential stuffing attacks use botnets to test stolen login credentials, usually obtained through phishing attacks and data leaks. This kind of attack is very effective because of users' bad habit of reusing the same password across different services.
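One way a defender can spot this pattern in login logs, shown as an added example that is not part of the original article: the event layout, thresholds and the `find_stuffing` name are assumptions, and the sample events are constructed. It flags time windows where many accounts each receive about one guess, and lists accounts whose login succeeded from an address that was failing against other accounts.

```python
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample events: (timestamp, source IP, username, login succeeded).
BOT_IPS = ["203.0.113.%d" % i for i in range(1, 5)]
EVENTS = [("2024-01-15T02:0%d:%02d" % (i % 5, i), BOT_IPS[i % 4], "user%d" % i, i == 7)
          for i in range(12)]
EVENTS += [
    ("2024-01-15T09:00:05", "198.51.100.7", "alice", True),
    ("2024-01-15T09:01:10", "198.51.100.9", "bob", False),  # mistyped password
    ("2024-01-15T09:01:30", "198.51.100.9", "bob", True),
]

def find_stuffing(events, window_min=5, min_users=5, min_fail_ratio=0.8):
    """Return one finding per time window that looks like credential stuffing."""
    buckets = defaultdict(list)
    for ts, ip, user, ok in events:
        t = datetime.fromisoformat(ts)
        key = (t.date(), (t.hour * 60 + t.minute) // window_min)
        buckets[key].append((ip, user, ok))
    findings = []
    for key in sorted(buckets):
        rows = buckets[key]
        users = {u for _, u, _ in rows}
        fails = [r for r in rows if not r[2]]
        # Stuffing signature: many accounts, about one guess each, nearly all failing.
        # (Brute force is the opposite shape: many guesses against few accounts.)
        if (len(users) >= min_users
                and len(fails) / len(rows) >= min_fail_ratio
                and len(rows) / len(users) <= 2):
            bad_ips = {ip for ip, _, _ in fails}
            # A success from an IP that failed on other accounts suggests a
            # reused password worked: candidate for a forced password reset.
            reset = sorted(u for ip, u, ok in rows if ok and ip in bad_ips)
            findings.append({
                "window": key,
                "attempts": len(rows),
                "accounts": len(users),
                "ips": len({r[0] for r in rows}),
                # A botnet keeps each address under per-IP rate limits.
                "max_per_ip": max(Counter(r[0] for r in rows).values()),
                "reset": reset,
            })
    return findings

if __name__ == "__main__":
    for finding in find_stuffing(EVENTS):
        print(finding)
```

The per-window view matters because the attempts are spread across many addresses, so a per-IP counter alone sees only a handful of failures from each source.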

Threat actors had access to the accounts of various customers and the associated personal information. The attackers registered the accounts on

"The security of your personal information is important to us, and we are writing to inform you that we have found evidence of unauthorized access to some of your personal information. On October 9, 2020, we were warned of unusual activity related to our website, which prompted us to launch an immediate investigation," reads the company's data breach notice. "After a thorough investigation, we came to the conclusion that on 8 and 9 October 2020 a credential stuffing attack was launched on our website."

The exposed information includes customer names, birthdays, phone numbers, billing and shipping addresses, items purchased, items selected, email addresses, and total VIPeak customer loyalty score.

The company began investigating the security breach and discovered that the attacker had previously obtained customer credentials from a source other than The North Face and had used them to access accounts on

The company believes that the intruders were not able to access customers' financial data.

If you have stored your payment card (credit, debit or debit card) in your account at, a hacker will not be able to see your payment card number, expiration date or the CVV (short code on the back of your card) because we do not store a copy of this information on. We only store the token that we have linked to your payment card, and only our external payment card processor stores the payment card data. The token cannot be used anywhere other than on to initiate a purchase. Therefore, your credit card information is not threatened by this incident.

The attack also resulted in unauthorized purchases on, and the company offered a refund for all unauthorized purchases.

The company has disabled all passwords of accounts accessible to hackers and removed all payment card tokens from all accounts on

Affected users will be prompted to re-enter payment information and create new passwords the next time they access their accounts on the company’s website.

Change your password on and on all other websites where you use the same password. Moreover, we advise you not to use passwords that are easy to guess.

We strongly recommend that you do not use the same password for your account on as on other websites, because if one of these websites is compromised, your email address and password may be used to access your account on

Pierluigi Paganini
