VF believes it discovered “unauthorized occurrences” on its network starting on December 13, 2023. In their filing, they reported that they “ejected” network attackers on December 15th, 2023 after they took action and engaged “leading external cybersecurity experts, activat[ed] [their] incident response plan, and shut[] down some systems.” Their report states that, ultimately, they believe that the “threat actor stole personal data of approximately 35.5 million individual consumers.” They note, importantly, that they do “not collect or retain … any consumer social security numbers, bank account information or payment card information as part of [their] direct-to-consumer practices …”
| Data | |
|---|---|
| Filing Date/Time | 18/01/2024 at 16:33:42 GMT (4:33 PM EST) |
| Link | Edgar Data |
Please contribute with additional context and information about this filing.
| Organization | Headline | Date | URL |
|---|---|---|---|
| WSJ | VF Cyberattack Compromised Data for 35 Million Customers | 18/01/2024 at 9:49pm GMT (5:49pm EST) | URL |