Digital Commerce360: VF Corp. discloses cyberattack on first day of new SEC rule
Date published:
Dec 21, 2023
Digital Commerce360
December 21, 2023
The Digital Commerce 360article by Abbas Haleem covers the recent disclosure to the SEC by VF Corp. regarding the unauthorized occurrences on their IT systems as well as discusses similar cyberattacks on other organizations.
The SEC disclosure by VF Corp. was made on the first day that registrants were required to disclose cybersecurity incidents and indicates that VF Corp. has taken immediate steps to contain the incident. The article also discusses cyberattacks that occurred this time last year against 23andMe Inc., Staples Inc., and Henry Schein Inc.
VikingCloud cyber evangelist and product expert, Jon Marler, is quoted indicating that those three incidents were not the same. “The 23andMe incident was not a data breach in the traditional sense,” he said, based on publicly available information. “According to the company’s statements, the culprit (or culprits) stole customer data, but they did so by exfiltrating via credential stuffing,” Marler said. “Meanwhile, the Staples and Henry Schein attacks appear to have been detected internally,” he said, “leading the companies to initiate incident responses.”
For more on the VF Corp. incident and the SEC disclosure ruling, read the full article at digitalcommerce360.com.