North face in light of the recent data-breach notification, the company told customers that it was alerted to unusual activity involving its website, “thenorthface.com” on October ninth. There, customers can buy clothing and gear online, create accounts and gain loyalty points as part of its “VIPeak Rewards Program.” After further investigation, The North Face concluded that attackers had launched a credential-stuffing attack against its website from October eighth to October ninth.
“Credential stuffing is accomplished by hackers who take advantage of people who reuse the same passwords across multiple online accounts. Credential-stuffing attackers typically use IDs and passwords stolen from another source, such as a breach of another company or website, which they then try to use to log in to other accounts — thus gaining unauthorized access. The process is often automated, and cybercriminals have successfully leveraged the approach to steal data from various popular companies”
Amongst having customer email addresses and passwords, these attackers may have accessed information stored on customers accounts such as, recent purchases, saved favorites, billing addresses, shipping addresses, loyalty point totals, email preferences, first and last names, birthdays and telephone numbers, Luckily North Face does not keep a copy of payment information on thenorthface.com meaning no credit/debit information was leaked.
“As a further precaution, we disabled all passwords from accounts that were accessed during the timeframe of the attack,” according to the company. “We also erased all payment-card tokens from all accounts on thenorthface.com. As such, you will need to create a new (unique) password and enter your payment-card information again the next time you shop on thenorthface.com.”
Sources
https://threatpost.com/credential-stuffing-attack-north-face/161190/ (Links to an external site.)