Apparel and footwear company VF Corp. disclosed last week that the personal data of about 35.5 million consumers were stolen as part of a December 2023 cyberattack.
According to a Jan. 18 filing with the U.S. Securities and Exchange Commission, the company—whose brands include Vans, The North Face, Timberland, Dickies, JanSport and Supreme—said all of its retail and online stores are operating with minimal issues after it needed to shut down some information technology systems due to the cyber incident detected on Dec. 13.
Related: Vans Owner VF Corp’s Order Fulfillment Operations Hit by Cyber Incident
VF said the hacker or hackers were “ejected” from its systems on Dec. 15. It has notified federal law enforcement and relevant regulatory authorities. No customer social security numbers, bank account, or payment card information is retained in its IT systems, VF said, adding that an investigation has not revealed any evidence that consumer passwords were acquired.
The company said it “will be seeking reimbursement of costs, expenses and losses stemming from the cyber incident by submitting claims” to its cyber insurers. VF had disruption to its operations, such as store replenishment, order fulfillment, and wholesale shipments as well as reduce demand on certain online sites. VF said it is “still experiencing minor residual impacts from the cyber incident.”
Personal data can include name, address, date of birth, and phone number. VF’s filing did not detail the type of personal data stolen.
Was this article valuable?
Here are more articles you may enjoy.
Growing Progressive Set to Hire 10,000 for Claims, IT, Other Roles 
Report: Cybercrime ‘A Thriving Business,’ as U.S. Claims Frequency Rises 
Insurers Get Green Light to Pay Less Than Billed Charges in Florida PIP Cases 
Apollo Accused in Lawsuit of Illegal Human Life Wagering Scheme 
Want to stay up to date?
Get the latest insurance news
sent straight to your inbox.