Recently, many StockX customers received emails from vendors to reset passwords. At that time, the company simply labelled the matter as part of system updates. However, that sudden change created unrest among the public. Now, finally, StockX confirmed data breach following a hacking attack. The incident impacted more than 6 million customers.
StockX Confirmed Data Breach
The US-based e-commerce platform StockX has suffered a massive hacking attack. The incident exposed millions of customer records to the attackers.
In a recent security update on their website, StockX confirmed the data breach affecting its customers. The firm explains that they began investigating the matter after it noticed some suspicious activity on their site. While they continue with the inquiry, they can confirm that attackers gained access to customers’ data. As stated in the notice,
Though our investigation remains ongoing, forensic evidence to date suggests that an unknown third-party was able to gain access to certain customer data, including customer name, email address, shipping address, username, hashed passwords, and purchase history.
While the firm hasn’t revealed any precise details yet, TechCrunch has unveiled some horrifying details. As revealed, StockX supposedly suffered the breach in May 2019, according to what an unnamed seller told TechCrunch.
The seller claimed to have around 6.8 million records, which he also put for sale on the dark web for $300. The seller also shared a sample of 1000 records with TechCrunch, which they could verify by contacting a few customers listed in it.
Payment System (Maybe)Unaffected
StockX has assured that the payment data remained unaffected during the incident.
From our investigation to date, there is no evidence to suggest that customer financial or payment information has been impacted.
However, this seemingly does not go in-line with what the customers experienced. Several customers noticed unauthorized purchases from their accounts.
Saying that "From our investigation to date, there is no evidence to suggest that customer financial or payment information has been impacted." is completely false because i was impacted. Someone bought these with my credit card and my account had to be closed. pic.twitter.com/Y3EeVbEZ8g
— julio (@JulyCreps) August 4, 2019
For now, no official details from the vendors are available as they claim to be in early investigation stages only. Let’s see if they reveal more details in the coming days.
Take your time to comment regarding this news.