The North Face says, "we strongly encourage you not to use the same password for your account at thenorthface.com that you use on other websites because if one of those other websites is breached, your email address and password could be used to access your account at thenorthface.com. Besides, we recommend avoiding using easy-to-guess passwords." In credential stuffing, hackers attack users who re-use their login credentials for different accounts or platforms. The hackers use ID and passwords stolen from other attacks, for instance, a data breach, and use the credentials for hacking purposes. The hackers use stolen login credentials to gain unauthorized access to websites. The entire process is mostly automatic, and now the hackers have modified their strategies and gained leverage in these types of attacks.
Hackers have been successful in stealing data from prominent organizations like Dunkin Doughnut. The company suffered two cyberattacks in three months. As per the investigation, The North Face believes that it is probable that the hackers stole user credentials from any other source or website and used that information to attack the company's user accounts. According to StatSocial, The North Face leads the U.S market in the clothing and accessories segment, generating $2 Billion of the total $4 Billion revenue in 2019.
The company didn't reveal the number of customers attacked; however, SimiliarWeb says that The North Face website had 6.96 Million customers in October. "We do not believe that the attacker obtained information from us that would require us to notify you of a data security breach under applicable law, but we are notifying you of the incident voluntarily, out of an abundance of caution," says The North Face.
Read more https://www.ehackingnews.com/2020/11/clothing-brand-north-face-hit-by.html
