Online sneaker marketplace StockX experienced a data breach that exposed millions of customers' data, revealed only after a company email asked users to reset their passwords for "system updates," TechCrunch reports.
Why it matters: Last month, StockX was valued at over $1 billion after a $110 million fundraising round. The tracker, which has helped niche shoe buyers decide whether to sell, buy or hold, has exploded among non-shoe lovers who are only interested in the gains they can make from flipping sneakers at higher prices.
An unnamed seller of the stolen data contacted TechCrunch and claimed that more than 6.8 million records were stolen from StockX in May. Details per TechCrunch:
- The stolen data contained names, email addresses, shoe sizes, trading currency, device types and more.
- The seller put the data up for sale for $300 in a dark web listing. One person at the time of writing had already bought the data.
- StockX confirmed the hack to Engadget and said it has implemented "immediate infrastructure changes to mitigate and address any potential effects of the suspicious activity."
What to watch: Under GDPR guidelines, StockX could be fined as much as 4% of its global annual revenue for the violations.
Go deeper: The slow decay of sneaker culture
Editor's note: The story has been updated to reflect that TechCrunch was contacted by an unnamed seller of the stolen data (not a seller whose data has been breached).
