North Face, Cartier, and Next Step Healthcare have recently fallen victim to a series of cyberattacks that have compromised customer data. This article delves into the tactics employed by attackers and examines the broader implications for retail security.
High-end jeweler Cartier and outdoor gear retailer The North Face are the latest significant players in the retail sector to report data breaches. Both companies have confirmed that unauthorized entities accessed customer names and email addresses, raising critical concerns about data security.
The North Face notified its customers through email about a “small-scale” breach that occurred in April of this year. The communication indicated that users’ shipping addresses and purchase histories may have also been compromised. The company suspects that the attackers utilized credential stuffing, a technique where stolen login credentials from previous breaches are employed to infiltrate accounts, particularly those where customers reuse passwords. This incident draws attention to ongoing security challenges faced by The North Face’s parent company, VF Corporation, which previously experienced a cyberattack affecting its brand Vans in December 2023.
Similarly, Cartier reported that an external entity temporarily gained access to its systems, resulting in a breach of “limited client information.” While the luxury brand confirmed that passwords and credit card details remain secure, the incident nonetheless underscores the pressing need for enhanced security measures within the retail landscape. Cartier has taken swift action to contain the breach and has bolstered its systems’ protection while notifying relevant authorities. Although no financial data was compromised, the attack illustrates vulnerabilities that still exist in the sector.
Cyber Attacks on Retailers
The occurrences at Cartier and The North Face are not isolated incidents but rather part of an alarming trend of cyberattacks plaguing the retail industry. Prominent retailers, including Adidas, Harrods, and Victoria’s Secret, have reported similar security challenges, with Victoria’s Secret even suspending its U.S. website in May due to a breach.
In addition to these attacks, Marks & Spencer and the Co-op encountered substantial operational disruptions in April, with Marks & Spencer estimating potential profit losses of around £300 million due to its own security incident. This creates a context in which retailers must recognize the immediate need for robust cybersecurity measures.
Glenn Akester, Technology Director for Cyber Security & Networks at Node4, commented on these incidents, indicating that they underscore a fundamental weakness in many retailers’ cybersecurity frameworks. Akester emphasized that effective cybersecurity should be viewed not merely as a checklist of tools, but as a comprehensive resilience strategy aimed at rapid detection, containment, and recovery from breaches.
The tactics and techniques leveraged in these attacks can be contextualized within the MITRE ATT&CK framework. Initial access through credential stuffing, lateral movement, and data exfiltration are likely tactics employed by the attackers. Business owners must remain vigilant and proactive in implementing strong cybersecurity protocols to safeguard against such threats.
