Hot Topic data breach thought to have hit nearly 54 million customers
Clothing store Hot Topic hit by ‘Satanic’ data breach
- Hot Topic data breach effects continue to emerge
- Leaked dataset reportedly includes encrypted credit card numbers
- Threat actor 'Satanic' has claimed responsibility
Breach notification site Have I Been Pwned has confirmed the personal data of 56,904,909 users was found online, leaked from Hot Topic, Torrid, and Box Lunch customers.
Threat actor ‘Satanic’ claimed responsibility for the breach, which was allegedly carried out through an infostealer infection, and made possible by weak security practices.
The dataset is reportedly on sale for $20,000 (although this has since been lowered to $4,000) and the hackers are demanding a $100,000 ransom from Hot Topic to remove the listing from the forums. Apparently, no notifications have been sent to customers as of yet.
Risk of identity theft
The leak reportedly occurred on October 19, but the data spans back all the way to 2011, so if you’ve used the Hot Topic website since then, we recommend being vigilant with your information just in case.
The data is said to have included email addresses, encrypted credit card numbers, physical addresses, and email addresses.
Reports suggest an employee's device was infected with malware, which resulted in the theft of more than 240 credentials, leading to the extensive data breach.
When a person is affected by a data breach, the worry is that a threat actor may purchase their details and use them to commit identity theft. We’ve listed the best identity theft protections to help keep you safe.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Via BleepingComputer
You might also like
- Take a look at our pick of the best antivirus software
- What to do after a data breach?
- Check out our choices for best malware removal software
Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.