Hot Topic data breach exposed personal data of 57 million customers
Millions of customers of Hot Topic have been informed that their personal data was compromised during an October data breach at the American retailer.
Have I Been Pwned (HIBP), the breach notification service, said this week that it alerted 57 million Hot Topic customers that their data had been compromised.
The stolen data includes email addresses, physical addresses, phone numbers, purchases, genders, and dates of birth. Partial credit card data was also included in the breach, according to HIBP, including credit card type, expiry dates, and the last four digits of the card number.
Hot Topic, which has more than 640 stores across the U.S., has not yet confirmed the breach and did not respond to TechCrunch’s multiple requests for comment.
The breach occurred on October 19, according to HIBP, and was claimed by a threat actor operating under the alias “Satanic” on October 21. In a post on the cybercrime forum BreachForums, Satanic claimed to have stolen 350 million user records from Hot Topic and its affiliated brands, Box Lunch and Torrid.
The hacker initially attempted to sell the database for $20,000 and demanded a $100,000 ransom from Hot Topic to take down the information, according to a report by cybersecurity firm Hudson Rock.
Article