Skip to main content
close search
site logo
Dive Brief

StockX reveals details about data breach

Published Aug. 14, 2019
By Lisa Rowan
StockX

Dive Brief:

  • Online marketplace StockX has offered more details to customers after a data breach was discovered in late July. In a letter dated August 8, CEO Scott Cutler detailed the investigation of the breach and offered customers 12 months of free fraud and identity theft protection services.

  • The update explained that an unknown third party gained access to customer data that may include names, email and physical addresses, usernames and purchase histories. Hashed passwords, those stored via one-way encryption, were also compromised. At this time, StockX does not believe financial or payment information was included in the breach.

  • StockX customers first learned there was an issue on August 3. At that time, the company said it "discovered a data security issue" and was "alerted to suspicious activity potentially involving customer data." The company shared the infrastructure changes it had taken to stop further breach activity, including a system-wide security update, credential rotation on all servers and devices, increased cloud computing security, and resetting all customer passwords.

Dive Insight:

StockX's handling of this data breach may be marked as a major misstep for the recently minted $1 billion unicorn. The Detroit-based sneaker, handbag and apparel marketplace provides authentication services for buyers and sellers, and has quickly gained a healthy crew of celebrity investors

It's not alone in its struggle to maintain customer security. Poshmark, CafePress and Capital One are just a few examples of companies who have told customers about data breaches in the past 30 days. But when StockX first asked customers to reset their passwords, it blamed the inconvenience on "system updates," according to a report from TechCrunch. StockX was shoring up its systems at the time, but initially downplayed the reason for the update. 

It can be difficult for brands to navigate the post-breach landscape. Finding and stopping up hackers' entry points can take time, and retailers may not want to admit there's a problem until they're sure of the true impact of a breach. But their reputation is on the line, perhaps especially for younger brands with digitally native audiences. A data breach could very well damage the credibility of a fledgling retail startup, no matter how buzzworthy its investors are.

Filed Under: Technology

Editors' picks

Company Announcements

View all | Post a press release
Walmart de México y Centroamérica and Quorso collaborate to deploy new technology at stores in…
From Quorso
October 30, 2024
DRINKS Welcomes Wine Industry Titan Roger Nabedian to Board of Directors
From DRINKS
October 24, 2024
PENNA WEAR LAUNCHES AS A HIGH QUALITY AND STYLISH ALTERNATIVE TO SCRUBS
From Preface Global
November 01, 2024
73% of Consumers are Moving Their Shopping More Online in 2024, 1WorldSync Report Finds
From 1WorldSync
October 16, 2024
Editors' picks
Latest in Technology
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell