If you subscribe to TOMS Shoes emails, you may have received a strange message. A hacker using the pseudonym “Nathan” attacked TOMS Shoes' systems and accessed its mailing list. He then emailed subscribers, leaving them a ‘friendly’ message.
TOMS Shoes Mailing List Hacked
Recently, subscribers of TOMS Shoes received some strange emails apparently from the firm. The content of the emails had a piece of advice for them. It asked the recipients to go offline and have some fun in the real world. Specifically, it read,
hey you, don’t look at a digital screen all day, there’s a world out there that you’re missing out on. (:
After receiving these emails, users flooded Twitter with screenshots of these strange messages. It didn’t take much time for them to guess it was down to a hack.
It looks like TOMS’s mailing list was hacked and I guess times are so rough hackers are just sending self care reminders now pic.twitter.com/SrdnlEkxJW
— Alisha Rai (@AlishaRai) October 6, 2019
Why did I just get this email from TOMS LOL pic.twitter.com/chRTVPZJzr
— Inaya (@iajazzz) October 6, 2019
Did @TOMS get compromised or did the marketing team get weird? Either one seems possible. pic.twitter.com/6dfJRAAERk
— Ben Cotton says #BlackLivesMatter (@FunnelFiasco) October 6, 2019
Some of the recipients even praised the hacker for being nice.
At least he's a nice hacker @TOMS @TOMSsupport pic.twitter.com/HwPQRzkxNL
— Céline (@DesirontCeline) October 6, 2019
At least if my details have been stolen in @TOMS hacking incident the guy seems friendly.. @TOMSeurope pic.twitter.com/gRIQ0JMMzx
— not maddy (@mmmaldoy) October 6, 2019
It quickly turned out that the incident was real. According to Motherboard, the person using the alias Nathan managed to hack the TOMS Shoes mailing list. The stunt appeared to be a joke rather than an act of malicious intent: he aimed to send a positive message. As he told Motherboard,
I had TOMS hacked for quite a while, but with a busy life and no malicious intent, it was pretty useless to have them hacked…
By this point responsible disclosure is not an option. So I thought I may as well send out a message I believe in just for fun. End purpose was to spread my message to a large amount of people.
He even reassured people about the safety of their data (at least from his side) via Tweets.
If you bought from TOMS before. No need to worry about your information ending up publicly online. I have no intention of saving the important information I have access to. So no worries (: P.S. I can only speak for myself and not for if other hackers hacked their network.
— . (@tomsatg1) October 6, 2019
He also revealed what motivated the emails:
seems young people now just avoid communication and look at their phone screen/plug headphones in to avoid talking. I hope some people liked my message (:
— . (@tomsatg1) October 6, 2019
TOMS Confirmed The Attack
Following the incident, TOMS confirmed the attack on their official Twitter account.
We are aware of unauthorized activity through our communications channels including email and social media. We are actively looking into the matter. In the meantime, please do not click on any links or reply to it.
— TOMS (@TOMS) October 6, 2019
While it didn’t take users long to guess that the site was hacked, the firm itself took several hours to confirm it. The delay angered many users as well.
https://twitter.com/chloe_bond/status/1180890336295559169
I have unsubscribed from you as I don't trust your system. Sort out your GDPR. Very surprised and disappointed.
— Clare L (@FlutterbyVoyage) October 7, 2019
Few details are currently known about how exactly the TOMS incident unfolded, and the hacker has not revealed how he obtained the mailing list.
TOMS has mentioned there will be ongoing investigations, so we will have to wait for the details to emerge.