Here’s your weekly #databreach news roundup:​​​

North Face, Rachel Dillon’s fitness app Move, Maine student loan borrowers, San Francisco 49ers, The International Centre for Migration Policy Development (ICMPD), and IHG Hotel Group.

North Face


Outdoor apparel brand ‘The North Face’ was targeted in a large-scale credential stuffing attack that has resulted in the hacking of 194,905 accounts on the thenorthface.com website.

credential stuffing attack is when threat actors use email addresses/usernames and password combinations obtained from data breaches to attempt to hack into user accounts on other websites.

The success of these attacks relies on the practice of password recycling, where a person uses the same credentials across multiple online platforms.

The credential stuffing attack on The North Face website began on July 26, 2022, but the website’s administrators detected the unusual activity on August 11, 2022, and were able to stop it on August 19, 2022.

After investigating the attack, North Face determined that the attackers managed to breach close to 200,000 accounts using valid credentials, potentially accessing the following customer information:

  • Full name
  • Purchase history
  • Billing address
  • Shipping address
  • Telephone number
  • Account creation date
  • Gender
  • XPLR Pass reward records

Move With Us


An influencer’s fitness app has been implicated in a massive data breach likely to expose customers’ personal information and reveal photos.

Move With Us is an online fitness platform founded by Rachel Dillon, the Instagram star and three-time World Champion of Beauty & Fitness.


Previously known as Bodies By Rachel, the service provides multi-week fitness programs and nutrition guides and encourages users to take before and after photos to show their progress.

But the app suffered a massive data flaw on Tuesday afternoon that could potentially reveal users’ personal information and photos to others.

Maine student loan borrowers

A data breach at a student loan servicing company may have exposed the personal information of about 2.5 million borrowers, including more than 15,000 in Maine, according to the Portland Press Herald.

Nelnet Inc. reported an unknown party accessed “certain student loan account registration information” sometime between June and late July, according to the Press Herald.

According to the Nebraska-based company, the information that may have been accessed includes Social Security numbers, names, addresses, email addresses and phone numbers.

The Press Herald reported financial account numbers and payment information were not affected by the data breach.

San Francisco 49ers

NFL’s San Francisco 49ers are mailing notification letters confirming a data breach affecting more than 20,000 individuals following a ransomware attack that hit its network earlier this year.

The San Francisco Bay Area professional American football team confirmed that personal information (including names and Social Security numbers) belonging to 20,930 impacted individuals was accessed and/or stolen in the attack between February 6 and February 11, 2022.

“The 49ers conducted a thorough review of these files to identify the individuals whose information was contained in the files, and additional research to locate and verify the addresses for these individuals,” the team revealed in notification letters sent to affected individuals starting Thursday.

“The 49ers completed this process on August 9, 2022, and discovered that the incident involved the name and Social Security number of seven Maine residents.”

The International Centre for Migration Policy Development (ICMPD)


The International Centre for Migration Policy Development (ICMPD) confirmed on Wednesday it suffered a cyberattack that led to a data breach.

ICMPD operates in 90 countries conducting research, projects and activities centered around migration. It currently has 19 member states — most of which are European — and has observer status at the United Nations. It works with several UN and European agencies as well as states across Africa, Asia and South America.

Bernhard Schragl, communication coordinator for ICMPD, did not say when the attack took place but told The Record that the attackers managed to gain “limited access” to individual servers that held data.

ICMPD set up a task force of internal and external IT experts who are currently investigating the incident.

IHG Hotel Group


IHG Hotels & Resorts, one of the world’s hospitality giants, is experiencing ongoing, “significant disruptions” after “unauthorized activity” breached its technology system. 

The group’s Twitter feed has been busily responding to customer inquiries with this response: “As a result of unauthorized activity, our booking channels and other applications have been disrupted. We’re working to restore all systems asap and IHG hotels can take reservations. For help with a current or future reservation, please call the hotel directly.”

The UK-based group manages 17 hotel companies, with 0ver 6,000 properties in more than 100 countries, spanning luxury brands such as InterContinental, Regent and Kimpton to mid-range and extended-stay names like Crowne Plaza, Holiday Inn and Staybridge Suites.

“IHG is working to fully restore all systems as soon as possible and to assess the nature, extent and impact of the incident,” according to a brief statement. “We will be supporting hotel owners and operators as part of our response to the ongoing service disruption. IHG’s hotels are still able to operate and to take reservations directly.”