image credit: Andy Thrasher / Flickr

The North Face Disables Shopper Account Passwords after Credential-Stuffing Attack

November 16, 2020

A credential-stuffing attack on The North Face has forced the US-based outdoor retailer to disable the account passwords of an undisclosed number of online customers.

According to a data breach notification letter sent to impacted shoppers, the incident was discovered last month. “On October 9, 2020, we were alerted to unusual activity involving our website,, that prompted us to investigate immediately,” the message reads. “Following a careful investigation, we concluded that a credential stuffing attack had been launched against our website on October 8 and 9, 2020.”

Read More on Hot for Security