© 2024 CoolTechZone - Latest tech news,
product reviews, and analyses.

Hot Topic may be the victim of the largest retail breach in history


A hacker claims to have stolen personally identifiable information of 350 million customers of merchandise and clothing store Hot Topic and affiliate brands Torrid and Box Lunch.

A threat actor called ‘Satanic’ posted a message on a hacking forum on the dark web, announcing the data breach of three United States clothing companies.

He claims to have exfiltrated personal information of 350 million customers, including names, addresses, phone numbers, email addresses and dates of birth.

In addition, he says he was able to obtain billions of payment details, such as the last four digits of customers’ credit cards, card types, hashed expiration dates and account holder names.

Lastly, he stole billions of loyalty points tied to Hot Topic and Box Lunch. These loyalty points could be used by threat actors for account takeovers, especially since these points do not expire.

According to Israeli security firm Hudson Rock, the threat actor is asking $ 20,000 for the data. Hot Topic on the other hand is being extorted for $ 100,000 for not making the stolen data public.

Security researchers found evidence that the data breach may have happened by installing infostealer malware on an employee’s computer on September 12, 2024. Hudson Rock identified the infection because it operates Cavalier, a cyberintelligence platform that monitors compromised computers with the goal of alerting clients.

“With over 240 credentials found on the (compromised) machine, many of which are corporate, researchers determined that this person is employed at a company called ‘Robling,’ whose description is ‘Helping retailers unite data across silos’,” the cybersecurity company says in a blog post.

The findings suggest the employee was trying to analyze Hot Topic’s data through cloud platforms such as Snowflake, Microsoft Azure and Google’s Looker. The data got exposed after a hacker installed infostealer malware on the employee’s computer.

Researchers at Hudson Rock reached out to ‘Satanic’. The hacker claimed that the breach originated “from a lack of MFA on a Snowflake account along with ‘other links’”.

As of writing, Hot Topic hasn’t confirmed nor denied it suffered a data breach.


Leave a Reply

Your email address will not be published. Required fields are marked