StockX had sent out an email to users asking them to reset their password due to ‘recently completed system updates’, prompting concerns over potential leakage of customer data. However, the company has released a detailed explanation of the situation to help ease user trepidation.
An excerpt from the statement reads:
We were alerted to suspicious activity potentially involving customer data. Upon learning of the suspicious activity, we immediately launched a comprehensive forensic investigation and engaged third-party data incident and forensic experts to assist. Though our investigation remains ongoing, forensic evidence to date suggests that an unknown third-party was able to gain access to certain customer data, including customer name, email address, shipping address, username, hashed passwords, and purchase history. From our investigation to date, there is no evidence to suggest that customer financial or payment information has been impacted.
Since the breach, StockX have conducted a system-wide security update, and a full password reset of all customer passwords with an email to customers alerting them about resetting their passwords. A high-frequency credential rotation on all servers and devices has also taken place, as well as a lockdown of the company’s cloud computing perimeter.
In the meantime, if you use your StockX password for other accounts, the company recommends you change them ASAP.
You can head here to read more.