For the fourth time in its history, The North Face has notified customers that their account may have been compromised. This time, the company laid blame on a credential stuffing attack.
The North Face is best known for its line of outdoor clothing, footwear, and related equipment. With an annual revenue of over $3 billion, companies like The North Face are on the radar of cybercriminals. The notice from The North Face says: “On April 23, 2025, we discovered unusual activity involving our website, thenorthface.com (“Website”), which we investigated immediately. Following a careful and prompt investigation, we concluded that an attacker had launched a small-scale credential stuffing attack against our Website on April 23, 2025.”
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Devastating Cyberattack Shakes Up Pakistan’s Financial Sector
November 14, 2018
According to PakCERT’s Qazi Misbah, 22 banks in the country were subject to a catastrophic cyber attack on October 27th of this year. 19,864 accounts with client banking data were hit, with some victims saying that funds were stolen. Amongst the many targets was the former Chief Scientist of Khan Research Laboratories, who says that Rs3 ...
- Using Machine Learning to Cluster Malicious Network Flows From Gh0st RAT Variants
November 13, 2018
Cybercriminals have become more and more creative and efficient in their efforts to successfully bypass network security. Reports of unauthorized network intrusions that have compromised enterprise security, resources, and data, plague experts on a day-to-day basis, and will continue to do so if not prevented by a more efficient detection system or method. Currently, attackers use polymorphism, ...
- Cathay Pacific hack: Airline admits techies fought off cyber-siege for months
November 12, 2018
Fresh from belatedly admitting that 9.4 million passengers’ personal data was stolen by hackers, Hong Kong airline Cathay Pacific has now admitted that it was under attack for three solid months before it took half a year to tell anyone. In its initial public statement on the hack, which saw names, nationalities, dates of birth, addresses, ...
- EUROPOL: Internet Organised Crime Threat Assessment 2018
November 12, 2018
It is my pleasure to introduce the 2018 Internet Organised Crime Threat Assessment (IOCTA), not only as it is the fifth anniversary edition of the report, but also my first as the Executive Director of Europol. The IOCTA has been and continues to be a flagship strategic product for Europol. It provides a unique law enforcement ...
- Emotet Campaign Ramps Up with Mass Email Harvesting Module
November 12, 2018
The new variant can exfiltrate emails for a period going back 180 days, en masse. A large-scale spam campaign has launched, spreading the Emotet banking trojan. Worryingly, the offensive has launched about a week after a fresh module for mass email-harvesting was detected for the malware. Emotet is technically a banking trojan, but it’s most often used ...
- Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw
November 7, 2018
A sophisticated proxy code has infected hundreds of thousands of devices already. A fresh botnet is spreading across the landscape, targeting router equipment. So far, hundreds of thousands of bot endpoints have already been identified, and they’re apparently being marshaled to send out massive amounts of spam. The botnet first emerged in September, according to 360Netlab telemetry, ...