Excerpt from BBC Article, Published on Mar 19, 2024


Customers of the renowned footwear brand Vans have been alerted to the potential risk of fraud and identity theft following a data breach at its parent company. VF Group, the parent company of Vans, detected “unauthorized activities” on a segment of its IT systems in December 2023, Vans disclosed. Although Vans clarified that no detailed financial information or passwords were compromised, it acknowledged that there’s a possibility of criminals attempting to misuse the customer data they obtained.

VF Group, which also owns brands like Timberland, The North Face, and Dickies, has not clarified whether customers of those brands are affected by the breach. The BBC has reached out to VF Group for clarification. According to an email sent to its customers, Vans reported that VF Group first identified the data breach on December 13, which was apparently orchestrated by external threat actors.

Vans stated that immediate measures were taken to address the threat, including the shutdown of affected IT systems and the engagement of cybersecurity experts. By December 15, the hackers were reportedly expelled from the system. The investigation revealed that the breach compromised certain personal information of customers, typically used for managing online purchases, including email addresses, full names, phone numbers, and billing and shipping addresses.

However, Vans assured customers that it neither collects nor retains payment or financial data like bank account or credit card information, mitigating the risk of detailed financial exposure to the threat actors. While Vans has not received reports of affected customers thus far, it cautioned that the incident could lead to identity theft, phishing attempts, and potential fraud. Customers were advised to remain vigilant against suspicious emails, texts, and phone calls requesting personal information. Vans informed that it has notified relevant law enforcement agencies and pledged to reassess its cybersecurity protocols in response to the breach.


To delve deeper into this topic, please read the full article on BBC.