VF Corp. (Denver) reported that a major hack is impacting its ability to fulfill orders ahead of the holidays, according to a variety of published reports, including this one from CNBC. The company, which operates a total of about 1265 stores under the Vans, Timberland, The North Face and Dickies flags, says its physical locales remain open and consumers can purchase available merchandise there, but that it is experiencing “certain operational disruptions,” including an inability to fulfill online orders.
VF disclosed the breach in a filing with federal regulators, which said the hackers encrypted some of the retailer’s systems and made off with personal data. Those are hallmarks of ransomware, where attackers try to extort companies for hefty payment. However, VF Corp. declined to comment on whether the incident was indeed a ransomware attack, CNBC reports.
VF filed its report with the SEC on the same day that the regulatory body’s new cyber disclosure rules took effect. Those regulations mandate that companies report “material cybersecurity incidents” to their investors within four days of determining that a hack would have an effect on their bottom lines. According to its filing, VF Corp. first identified hackers in its system on Dec. 13, meaning it took three days for the company to disclose the threat to the SEC.