StockX Breach Hits 6.8M Customer Records

Apparel and shoe trading marketplace StockX was reportedly hacked, allegedly exposing sensitive information of more than 6.8 million users worldwide, TechCrunch reported on Saturday (Aug. 3).

Without saying much, the fashion and sneaker marketplace sent out a general password reset email to its users on Thursday (Aug. 1) citing “system updates,” according to TechCrunch. At the same time, an unnamed seller allegedly contacted TechCrunch, saying the data of more than 6.8 million users was breached in May. The seller provided TechCrunch with a sample of 1,000 records.

“We contacted customers and provided them information only they would know from their stolen records, such as their real name and username combination and shoe size,” TechCrunch said. “Every person who responded confirmed their data as accurate.”

Each record also had other internal flags, such as whether or not European users had accepted the company’s GDPR message, according to TechCrunch. A company can be fined up to 4 percent of its global annual revenue for violations under GDPR rules.

StockX is the world’s first “stock market of things” with millions of active users in nearly 200 countries. The company was valued at over $1 billion in June after a Series C funding round of $110 million. The funding round was led by investment firms DST Global, General Atlantic and GGV Capital. StockX planned to use the investment to expand its international growth in both the European and Asian markets. The company also planned to diversify its product categories and extend its reach to brick-and-mortar locations.

At the same time, the company announced that Scott Cutler took over as CEO, immediately succeeding Co-founder Josh Luber, who continues to serve on the executive leadership team and board of directors. Cutler joined StockX from eBay, where he had most recently served as senior vice president of the Americas. He also joined StockX’s board of directors along with GGV’s Hans Tung.