StockX- The E-commerce Company Hacked
StockX has reported $1 Billion valuation.
StockX recommend users to change their password.
Hacked data included customers names, email address, Hashed Passwords and other private information. It also contain users devices such as iPhone and Android.
StockX sent email to their customers to reset their passwords and claiming that the ‘System updates’. But actually they were hacked by unknown hacker.
A spokesperson told to TechCrunch that the company was “alerted to suspicious activity” on its site but declined to comment further.
An unnamed data breached seller contacted TechCrunch, and claiming more than 6.8 million records were stolen from the site in May by a hacker. The seller declined to say how they obtained the data.
The seller is offering to sell the StockX data, which is more than 6.8 million users for $300 in a Dark Web listing. One person has already bought StackX Data.
StockX posted in blog,
We were alerted to suspicious activity potentially involving customer data. Upon learning of the suspicious activity, we immediately launched a comprehensive forensic investigation and engaged third-party data incident and forensic experts to assist.
Though our investigation remains ongoing, forensic evidence to date suggests that an unknown third-party was able to gain access to certain customer data, including customer name, email address, shipping address, username, hashed passwords, and purchase history. From our investigation to date, there is no evidence to suggest that customer financial or payment information has been impacted.
we implemented immediate infrastructure changes to mitigate and address any potential effects of the suspicious activity. These infrastructure changes included:
- A system-wide security update;
- A full password reset of all customer passwords with an email to customers alerting them about resetting their passwords;
- High-frequency credential rotation on all servers and devices; and
a lockdown of our cloud computing perimeter
We take data security and privacy very seriously, and will continue to communicate with our customers and work hard to protect those who trust us with their shopping experience, said StockX