In what’s being described as the largest retail data breach in history, US retail chain Hot Topic and its sister companies, Box Lunch and Torrid, have fallen victim to a massive cyberattack. According to cybersecurity researchers at Hudson Rock, the breach exposed sensitive personal and payment information of 350 million customers.
The Breach Unfolded
The attack was carried out by a hacker using the alias “Satanic,” who is now advertising the stolen database on an underground forum. The compromised information includes customers’ names, emails, addresses, phone numbers, and birthdates. Even more concerning, billions of payment details were also stolen, including the last four digits of credit cards, hashed expiration dates, and account holder names.
Loyalty points tied to Hot Topic and Box Lunch accounts were also taken in the breach, further adding to the scale of the data compromise. This breach is particularly alarming due to the sheer volume of sensitive information leaked.
How Did This Happen?
The source of the breach has been traced back to Robling, a company that provides data analytics and integration solutions to retailers. It appears that one of Robling’s employees had their computer infected with malware in September 2024, resulting in the theft of over 240 credentials. These credentials allowed the hacker to access cloud storage accounts, including those on the popular Snowflake platform.
While Snowflake was previously targeted by a string of credential stuffing and brute-force attacks earlier this year, this breach was exacerbated by a lack of multi-factor authentication (MFA) on a key account. Once the hacker gained access, they were able to steal vast amounts of customer data.
The Ransom
In a bold move, the hacker is offering to sell the stolen database for $20,000 on the dark web. Alternatively, they have offered Hot Topic the chance to remove the data from circulation for a hefty $100,000 ransom.
What Can You Do?
If you’re a customer of Hot Topic, Box Lunch, or Torrid, it’s crucial to take immediate steps to protect yourself:
- Change your passwords for your accounts on these platforms.
- Monitor your credit card statements and bank accounts for any unusual activity.
- Consider placing a fraud alert on your credit file to prevent unauthorized access.
Additionally, keeping a close eye on your loyalty points and personal accounts will help detect any suspicious behavior early on.
Conclusion
This hack is a clear reminder of how crucial it is to protect personal information using strong security protocols, such multi-factor authentication. As data breaches become more common, businesses and individuals alike must prioritize cybersecurity to stay one step ahead of malicious actors.