Over the weekend StockX, a popular sneaker and streetwear buying platform, announced that their servers had been accessed by an unauthorized third party who accessed customer data. Customers became suspicious when, at the end of last week, they started to receive emails from StockX stating that a password reset was required due to a security update. Users who received this took to Twitter to confirm that the emails were legitimate. StockX representatives responded to confirm the truth of these emails. The company confirmed that an attacker had gained access to their system and was able to access customer information that included customer names, email addresses, shipping addresses, usernames, hashed passwords and purchase histories. Researchers were able to confirm, through an unnamed source, that this data breach was for sale on the darknet. The unnamed source provided a small sample of the hacked information to researchers. In response to this breach, StockX stated that they are performing a system-wide security update, a full password reset of all customers, a lockdown of cloud computing and increasing the frequency of credential rotations. The company has not reported as to how many total customers were affected.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in