The North Face, a retailer of outerwear, apparel and gear for outdoor recreation and fitness, has confirmed that its e-commerce website was impacted by a cybersecurity incident in April 2025.
The incident compromised about 1,500 customers’ email and shipping addresses, names, dates of birth and telephone numbers, according to a consumer notice letter.
Following an investigation, it was found that no credit card information was compromised, as card details such as numbers, CVVs, and expiry dates are processed by a third party and are not stored on The North Face's website.
The North Face notified its customers about the cyberattack and advised those impacted to reset their passwords as a precautionary measure.
A spokesperson said, “Protecting the data of our customers is the highest priority.”
According to The North Face, the perpetrators employed a method known as "credential stuffing." This approach involves cybercriminals using previously compromised usernames and passwords from other data breaches, betting on the possibility that individuals might have recycled their login credentials across various online platforms.
According to the consumer notice letter, the attacker obtained the usernames from a separate source, not from The North Face, and the VF-owned brand disabled the affected passwords.
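On the defender's side, credential stuffing tends to show up in login logs as one source trying many different accounts with a low success rate. The sketch below is an added example, not code from The North Face or from this article. The log format, thresholds, and function names are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format: "<ISO timestamp> ip=<addr> user=<login> result=ok|fail"
LINE = re.compile(r"^(\S+) ip=(\S+) user=(\S+) result=(ok|fail)$")

def build_sample():
    """Constructed login log: one stuffing source, one forgetful user, one office NAT."""
    rows = [("203.0.113.7", f"user{i}@example.com", "ok" if i == 3 else "fail") for i in range(6)]
    rows += [("198.51.100.20", "sam@example.com", "fail")] * 6
    rows += [("192.0.2.44", f"staff{i}@example.com", "ok") for i in range(6)]
    return [f"2025-04-23T10:00:{s:02d} ip={ip} user={u} result={r}"
            for s, (ip, u, r) in enumerate(rows)]

def detect_stuffing(lines, window=timedelta(minutes=5), min_users=5, max_ok_ratio=0.2):
    """Return {ip: distinct usernames} for sources that try many accounts and mostly fail."""
    recent = defaultdict(deque)  # ip -> (timestamp, user, result) events inside the window
    flagged = {}
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # skip malformed lines instead of crashing
        ts, ip, user, result = datetime.fromisoformat(m[1]), m[2], m[3].lower(), m[4]
        q = recent[ip]
        q.append((ts, user, result))
        while ts - q[0][0] > window:  # drop events older than the sliding window
            q.popleft()
        users = {u for _, u, _ in q}
        ok = sum(1 for _, _, r in q if r == "ok")
        # Many distinct accounts plus a low success rate separates stuffing from
        # a single-account lockout (one user) and a shared office IP (mostly ok).
        if len(users) >= min_users and ok / len(q) <= max_ok_ratio:
            flagged[ip] = max(flagged.get(ip, 0), len(users))
    return flagged

if __name__ == "__main__":
    print(detect_stuffing(build_sample()))
```

A per-IP rule like this misses attempts spread across many sources or paced slower than the window, so it complements rather than replaces controls such as the forced password resets described above.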
The breach comes at a time when multiple fashion and apparel companies have reported cybersecurity incidents, including Victoria’s Secret and Dior.