The e-commerce platform StockX experienced a data breach recently. The company had initially asked its customers to reset passwords as it had done some system updates to the StockX platform. But it was later revealed that the passwords were needed to be reset owing to a cybersecurity incident which had hit the platform.
The users of the e-commerce platform were confused as to whether the e-mail was a phishing attempt. But StockX confirmed that the e-mail was legitimately from the company.
According to TechCrunch, 6.8 million records were stolen from the website and put on for sale in a dark web listing. The data was up for sale for $300. TechCrunch has confirmed that the data has been bought at least once until now. The seller provided TechCrunch with 1,000 sample records to confirm the legitimacy.
The online publisher said that the data put on sale involved e-mail addresses, names, passwords (scrambled), and profile information like shoe size and trading currency. The data also indicated the user’s device type and software version.
StockX on its website has said that it is still carrying out an investigation into the matter with the help of third-party security experts. The company, yet again, asked its users to change their passwords immediately.