The North Face Fumbles Again: Another Credential Stuffing Attack Strikes!

The North Face is in hot water again with a credential stuffing attack, their fourth since 2020. Customers’ personal details like full names, purchase history, and more were exposed, but payment info remained safe. This latest blunder highlights the brand’s ongoing struggle with cybersecurity.

3P
Published: June 2, 2025 10:34 pmAdded: June 2, 2025 at 3:53 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like The North Face might want to consider renaming itself to “The Data Breach” after yet another credential stuffing attack! Forget climbing mountains; it’s time to climb the cybersecurity ladder and maybe finally reach the peak of multi-factor authentication.

Key Points:

  • The North Face has faced a credential stuffing attack, impacting user accounts.
  • This is the fourth such incident since 2020, highlighting a pattern of cybersecurity challenges.
  • Personal information like names, purchase history, and contact details were exposed, but payment info was safe.
  • The attack was discovered on April 23, 2025, and customers are being notified.
  • Previous attacks have also impacted The North Face and its parent company VF Corporation’s websites.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?