StockX's warning of "suspicious activity" appears to have stemmed from a serious data breach. TechCrunch has learned through a black market data seller that a hacker stole 6.8 million records from the shoe trading site in May, including names, email addresses and (thankfully hashed) passwords. The data also included less vital info like shoe sizes, trading currencies and device version profiles.
TC verified the claims by contacting people from a sample of 1,000 records using information only they would know.
We've asked the company for comment.
While the intruders don't appear to have taken particularly sensitive info, like payment cards, it's still a significant breach -- especially when the seller intends to make the data available through the dark web. It also raises questions as to why StockX alerted users to password resets without explaining what had happened or the extent to which users' data was at risk. Simply put, victims didn't know how large the problem really was.
Source: TechCrunch
Tech
via https://www.aiupnow.com
, Khareem Sudlow