Retail Giants North Face and Cartier Suffer Cyber Attacks - Current Information Revealed
The Latest Targets:
Outdoor clothing company North Face and high-end jeweler Cartier recently fell victim to cyberattacks, adding to the growing list of retail industry breaches.
Cartier, ominously silent on specific timing, notified customers about an incident and fortified its systems in response. The luxury brand has communicated with relevant authorities and engaged external cybersecurity experts to assist in the investigation.
North Face, on the other hand, discovered an unusual cyber intrusion on April 23rd. Immediately, they took measures to curtail the breach. In a letter to customers, the company explained that a credential stuffing attack had taken place:
The attackers initially gained access to affected users' email addresses and passwords from another source. Thereafter, they successfully used these same credentials to breach North Face accounts.
Both retailers have confirmed customer data theft, but emphasize that no financial information was exposed.
Cartier informed customers that the stolen data included their names, email addresses, and country of residence, but not passwords, credit card or financial information. North Face disclosed that the stolen data from its customers included products purchased, shipping addresses, preferences, email addresses, and names, along with dates of birth and phone numbers (if saved in their accounts).
Continuing Retail Cybersecurity Concerns
Mike Britton, CIO at Abnormal AI, stressed that the absence of financial data or password exposure does not diminish the risk posed by such breaches:
Britton further cautioned that the menace does not cease with the initial breach. Instead, customer vigilance is paramount.
In recent weeks, Adidas, Victoria's Secret, and Harrods, as well as supermarket chains M&S and the Co-op, have experienced similar cyberattacks. The succession of attacks underscores the harsh reality for the retail sector, which has long been an attractive target for threat actors.
James Hadley, founder and chief innovation officer at Immersive, stated:
He contends that retailers filled with customer data provide an easy target for attackers, and the consequences can be considerable. As attackers have recognized the retail sector's weak defenses, recent breaches have likely invigorated them further.
Stay protected with these essential tips:
- Use unique and strong passwords for each account.
- Enable Multi-Factor Authentication (MFA).
- Implement Password Managers.
- Utilize advanced bot detection.
- Educate employees and customers about phishing attempts and the perils of sharing sensitive information.
- Develop an incident response plan.
- Monitor account activity.
- Invest in data breach detection tools.
- Collaborate with other businesses to stay informed about emerging threats.
- The ongoing cyberattacks on retail industry giants like North Face and Cartier, along with other brands such as Adidas, Victoria's Secret, and Harrods, highlight the need for enhanced cybersecurity measures in the industry.
- Despite the assurance that no financial data was exposed in the North Face and Cartier breaches, the stolen customer data can still be exploited by attackers for creating phishing emails and impersonation attempts, underscoring the importance of data analytics in detecting and preventing such incidents.
- Mike Britton, CIO at Abnormal AI, emphasizes that retailers should not overlook the risks associated with data theft, even without financial or password exposure, and should focus on augmenting their cybersecurity, technology, and data analytics strategies to protect customer information effectively.
