Browse all

StockX website was hacked

Over 6 millions data were exposed

StockX website was hacked Over 6 millions data were exposed

The story got out thanks to an article published on TechCrunch: StockX's website, the leading reselling platform now valued $1 billion dollars, was reportedly hacked

Last Thursday the users of the website received an email that required them to reset the password of their accounts due to a system update. It's quite common for companies to reset the passwords of their users, especially to prevent leaks and to increase the security of their website. Although these were StockX's stated intentions, the website founded by Josh Luber, was actually trying to implement a security update after being alerted of suspicious activity

The users of the website were comprehensibly worried and sceptical upon receiving this email, not knowing whether it was legit or whether it was a hacking, especially because StockX did not make any statement on this issue, it did not warn in advance of this update, nor it responded both via mail and on Twitter to the customers requiring further information. Many security experts, though, said it is rare so see security overhauls that require a password change. 

What StockX did not say, though, is that the website was reportedly hacked back in May and that the request of changing password was an attempt to control the action of the hackers. Always according to TechCrunch, who reached out to an unnamed data breached seller, 6.8 million records were stolen from the site. The stolen data contains names, passwords, email addresses, shoe size, and even the user’s device type, such as Android or iPhone, and the software version. Basically, every private information of many users has been exposed. 

The most alarming aspect of the issue is that not a single representant of StockX, let alone the public face of the company, Josh Luber, has made a statement or has issued an apology on this case, but also the fact that the website has hidden the hack attack for months, in practice lying to its users. For months millions of customers kept using StockX unaware of the fact that all their private date were not private anymore. On Instagram and online are popping pages that talk of a possible class action against StockX.