North Face and Cartier had customer data compromised.
Fashion and apparel retailers continue reporting cyberattacks.
Outdoor apparel and gear retailer The North Face and luxury jewelry/watch/accessories brand Cartier have both disclosed online security breaches. These announcements come in the wake of other recently publicized cyberintrusions reported by fashion and apparel retailers such as Victoria’s Secret, Dior, Marks & Spencer, Harrods, Co-Op and Adidas.
[READ MORE: Adidas discloses third-party data security breach]
In addition, North Face parent VF Corp. previously acknowledged that a December 2023 cybersecurity incident resulted in approximately 35.5 million individual consumers having some personal data stolen.
A brief synopsis of the North Face and Cartier incidents follow.
North Face
In a letter to affected customers publicly released by North Face, the retailer said on April 23, 2025, it discovered unusual activity involving its thenorthface.com website, which it investigated immediately.
Following an investigation, North Face said it concluded that an attacker had launched a small-scale credential stuffing attack where they used account authentication credentials (such as email addresses/usernames and passwords) stolen from another source, such as a breach of another company or website, to gain unauthorized access to user accounts.
Although North Face said it does not believe that the incident involved information that would require it to legally notify them of a data security breach it is notifying customers of the incident voluntarily, out of an “abundance of caution.”
“We believe that the attacker previously gained access to your email address and password from another source (not from us) and then used those same credentials to access your account on our website,” North Face said in the letter.
The retailer believes that the attacker obtained information which may include products they have purchased on the North Face e-commerce site, shipping address(es), preferences, email address, first and last name, date of birth and telephone number.
However, North Face said credit, debit, or stored value card information was not compromised and the attacker could not view payment card number, expiration date, or CVV code because it does not keep a copy of that information on its site.
North Face said it has taken steps included disabling passwords.
