Vans owner VF Corp. shares tumble as it says cyberattack could hamper holiday fulfillment

Vans owner VF Corp. shares tumble as it says cyberattack could hamper holiday fulfillment


A Vans store is seen in Hong Kong.

Budrul Chukrut | LightRocket | Getty Images

Shares of The North Face and Vans owner VF Corp. tumbled Monday after the company reported that a hack had affected its ability to fulfill some orders ahead of the holidays.

The company said hackers encrypted “some” systems and made off with personal data. Those are some hallmarks of ransomware, where attackers try to extort companies in exchange for hefty payment. VF Corp. declined to comment on whether the incident was a ransomware attack.

The stock dropped more than 8% Monday.

VF Corp. announced the incident on the same day that the U.S. Securities and Exchange Commission’s new cyber disclosure rules took effect. Those regulations mandate that companies report “material cybersecurity incidents” to their investors within four days of determining that a hack would have an effect on their bottom lines. VF Corp. first identified hackers in its system on Dec. 13, meaning it took relatively little time for the company to identify the threat as material.

The attack is expected to hit the company’s operations in the lead up to the critical holiday shopping period. The company said the breach has affected its ability to fulfill orders, but customers will still be able to place them online.

The full scope of the attack is still not known, and it will likely continue to have a material impact until recovery efforts are complete, the company said.

The new SEC rules are designed to give investors a clearer picture of how attacks can harm businesses. When casino firm Caesars Entertainment was breached earlier this year, for example, the company quietly paid a $15 million ransom, sources previously told CNBC. Only after MGM Resorts was hit by the same attacker did Caesars disclose that it had been affected.

Under the new disclosure obligations, Caesars likely would have had to report the hack and the payment much earlier. Regulators and law enforcement strongly discourage companies from paying ransoms. But given the debilitating effects that cyber disruptions can have, many companies do so anyway. 

VF Corp. is the latest major company to be hit a by cyberattack that disrupted company operations. In addition to Caesars and MGM, Clorox was hit by a breach that prevented the company from keeping its items on store shelves earlier this year.



Source

Starbucks is about to report earnings. Here’s what to expect
Business

Starbucks is about to report earnings. Here’s what to expect

Consumers walk in front of a Starbucks coffee shop in Galeria Krakowska shopping mall in central Krakow, Poland, on July 11, 2025. Dominika Zarzycka | Nurphoto | Getty Images Starbucks is expected to report its fiscal third-quarter earnings after the bell on Tuesday. Here’s what Wall Street analysts surveyed by LSEG are expecting the company […]

Read More
Nike loses head of North America women’s business to Athleta
Business

Nike loses head of North America women’s business to Athleta

A Nike and Athleta store. Kylie Cooper | Reuters | Michael Brochstein | SOPA Images | LightRocket | Getty Images Gap’s Athleta has tapped the head of Nike’s women’s business in North America as its next CEO, delivering a blow to the sneaker company as it tries to win back more female shoppers.  Maggie Gauger, […]

Read More
NFL employee seriously injured in shooting at NYC headquarters
Business

NFL employee seriously injured in shooting at NYC headquarters

NFL Commissioner Roger Goodell told employees in an email early Tuesday morning that one of the league’s employees was seriously injured in a Monday shooting at a Midtown Manhattan office tower. “A gunman committed an unspeakable act of violence in our building at 345 Park Avenue,” Goodell said. “The employee is in stable condition and […]

Read More