Published 7 months ago • loading... • Updated 6 months ago

Why Good Passwords Matter: 2,800 North Face Accounts Breached in Cyberattack

On April 23, 2025, The North Face identified a security incident involving unauthorized login attempts on its US website, which resulted in the compromise of some customer accounts.
The attack exploited reused login credentials stolen from breaches unrelated to The North Face's systems, allowing unauthorized access to personal data.
The compromised information included customers' names, email addresses, purchase histories, shipping addresses, dates of birth, and phone numbers, but no payment card data was exposed.
The North Face reset passwords for affected accounts and urged users to create unique passwords, warning that credential stuffing starts with as little as $500 investment in software, according to cybersecurity experts.
This incident marks the fourth credential stuffing attack on The North Face since 2020, highlighting ongoing cybersecurity challenges and the risks of not enforcing multifactor authentication.

Insights by Ground AI

Podcasts & Opinions

Podcast Mention

CyberWire Daily

Daily Cybersecurity and Tech News podcast featuring Dave Bittner, Rick Howard and David Moulton

Google issues an emergency patch for a Chrome zero-day. A new malware campaign uses fake DocuSign CAPTCHA pages to trick users into installing a RAT. A high-severity Splunk vulnerability allows non-admin users to access and modify critical directories. Experts warn congress that Chinese infiltrations are preparations for war. Senators look to strengthen cybersecurity collaboration in the U.S. energy sector. Crocodilus Android malware adds fake contacts to victims’ phones. SentinelOne publishes a detailed analysis of their recent outage. Cartier leaves some of its cyber sparkle exposed. Our guest is Jon Miller, CEO and Co-founder of Halcyon, discussing Bring Your Own Vulnerable Driver (BYOVD) attacks. Microsoft and CrowdStrike tackle hacker naming…or do they?

CyberWire Daily discusses Cartier's data breach after unauthorized access exposed customer details.

7 months ago

Listen to Full Episode Full Episode Unlock Timestamp

Get Vantage — Podcasts, Ratings, Timestamps

Podcasts & Opinions

31 Articles

cnet

Center

Why Good Passwords Matter: 2,800 North Face Accounts Breached in Cyberattack

The outdoor and fitness retailer says attackers used a credential-stuffing attack to access the customer accounts. Here's what you need to know.

6 months ago·New York, United States

Read Full Article

WWD

Center

The North Face Deals With Cybersecurity Attack

Last year the average cost of a retail data breach reached $3.48 million — an 18 percent upswing compared to 2023.

6 months ago·United States

Read Full Article

Birmingham Mail

Center

Major fashion brand hit by cyber attack with personal data stolen - Birmingham Live

The North Face has been hit by a cyber attack, with shoppers told some personal information may have been taken

6 months ago·Birmingham, United Kingdom

Read Full Article

The Sun

Lean Right

Jeweller Cartier and fashion brand The North Face fall victim to cyber attacks

Jeweller Cartier and fashion brand The North Face are the latest victims of cyber attacks. Cartier, whose watches are worn by stars such as Cate Blanchett, said: “An unauthorised party gained temporary access to our system. GettyNorth Face has urged customers to change their passwords[/caption] “We contained the issue and further enhanced the protection of our systems and data.” North Face said it discovered a “small-scale” attack in April. It…

6 months ago·United Kingdom

Read Full Article