Fashion brand The North Face and luxury jeweller Cartier have become the latest retailers to report having customer data stolen in cyber attacks.
North Face has emailed some customers saying it discovered a “small-scale” attack in April this year.
Cartier said “an unauthorized party gained temporary access to our system”.
Both brands say data such as customers names and email addresses were taken, but financial information was not.
There has been a wave of cyber attacks on high-profile retailers in recent weeks, including Adidas, Victoria’s Secret and Harrods.
Marks and Spencer (M&S) and the Co-op had their operations severely disrupted when they were targeted in April.
The UK’s National Crime Agency has said catching the criminals responsible is their top priority.
North Face told customers, external the hackers it was targeted by used a technique called “credential stuffing”, where attackers try usernames and passwords stolen from another data breach, in the hope customers have reused the same passwords across multiple accounts.
They say the attackers may have been able to gain access to some users’ shipping addresses and purchase histories.
Affected customers will need to change their passwords.
North Face’s owner, VF Corporation, was hit by a separate cyber attack in December 2023.
That affected another of its brands, Vans, with its customers being warned their information may be at risk.
Cartier’s data breach, meanwhile, was a hack of its system where attackers “obtained limited client information,” according to an email to its customers seen by BBC News.
Source: BBC