Vans Customers Alerted to Potential Fraud After Company Data Breach

Vans customers are being cautioned about the risk of fraud or identity theft in the wake of a data breach at its parent company, VF Group.

The breach, detected by VF Group in December 2023, involved “unauthorised activities” on a segment of its IT systems, according to Vans.

While Vans assured customers that no intricate financial data or passwords were compromised, it conceded that there’s a possibility of criminals exploiting the acquired customer data.

VF Group, which also owns brands like Timberland, The North Face, and Dickies, has yet to confirm if customers of those brands are affected.

In an email to its customers, Vans disclosed that the breach was identified by VF Group on December 13 and was attributed to external threat actors. Immediate measures were taken, including the shutdown of affected IT systems and the engagement of cybersecurity experts, resulting in the expulsion of the hackers by December 15.

The investigation revealed that the breach exposed certain personal information of customers typically stored for managing online purchases, such as email addresses, full names, phone numbers, and addresses. However, Vans clarified that it doesn’t gather or retain payment or financial data like bank account or credit card information, thereby minimising the risk of such details being compromised.

Although no instances of customer impact have been reported thus far, Vans cautioned that the breach could lead to identity theft, phishing attempts, and potential fraud. Customers were advised to remain vigilant against suspicious emails, texts, or phone calls soliciting personal information.

Vans has reached out to relevant law enforcement agencies and pledged to reassess its cybersecurity protocols in response to the breach.