For the fourth time in its history, The North Face has notified customers that their account may have been compromised. This time, the company laid blame on a credential stuffing attack.
The North Face is best known for its line of outdoor clothing, footwear, and related equipment. With an annual revenue of over $3 billion, companies like The North Face are on the radar of cybercriminals. The notice from The North Face says: “On April 23, 2025, we discovered unusual activity involving our website, thenorthface.com (“Website”), which we investigated immediately. Following a careful and prompt investigation, we concluded that an attacker had launched a small-scale credential stuffing attack against our Website on April 23, 2025.”
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Ex-CIA employee charged with leaking ‘Vault 7’ hacking tools to Wikileaks
June 18, 2018
A 29-year-old former CIA computer programmer who was charged with possession of child pornography last year has now been charged with masterminding the largest leak of classified information in the agency’s history. Joshua Adam Schulte, who once created malware for both the CIA and NSA to break into adversaries computers, was indicted Monday by the Department of Justice on 13 ...
- Banco de Chile Wiper Attack Just a Cover for $10M SWIFT Heist
June 13, 2018
A cyberattack against Chile’s largest financial institution last month, which reportedly destroyed 9,000 workstations and 500 servers, was actually cover for a larger plot to compromise endpoints handling transactions on the SWIFT network. When the dust settled on the attacks, investigators said $10 million was stolen from Banco de Chile and funneled off to an account in Hong ...
- Zero-Day Flash Exploit Targeting Middle East
June 7, 2018
A zero-day vulnerability is being exploited in the wild in targeted attacks against Windows users in the Middle East, researchers warned Thursday. The Flash Player vulnerability (CVE-2018-5002), a stack-based buffer overflow bug that could enable arbitrary code execution, was patched earlier today by Adobe. Read more… Source: ThreatPost
- Targeted Spy Campaign Hits Russian Service Centers
June 7, 2018
A series of espionage attacks have been uncovered, targeted at service centers in Russia that provide maintenance and support for a variety of electronic goods. The payload is a commercial version of the Imminent Monitor tool, which is freely available for purchase as legitimate software. Its developers explicitly prohibit any usage of the tool in a malicious way ...
- VPNFilter Malware Impact Larger Than Previously Thought
June 6, 2018
Researchers say the impact of the VPNFilter malware discovered last month is larger than originally reported. On Wednesday, Cisco Talos researchers said they now believe the malware has infected twice the number of router brands than previously stated. They added that VPNFilter also delivers a more potent punch than they originally thought, and have identified a previously ...
- Prowli Malware Targeting Servers, Routers, and IoT Devices
June 6, 2018
After the discovery of massive VPNFilter malware botnet, security researchers have now uncovered another giant botnet that has already compromised more than 40,000 servers, modems and internet-connected devices belonging to a wide number of organizations across the world. Dubbed Operation Prowli, the campaign has been spreading malware and injecting malicious code to take over servers and websites around ...