- The database contained personal information including user names, email addresses, addresses, shoe size, purchase history, and encrypted passwords.
- The stolen user accounts came from a StockX data breach that occurred in July 2019.
A database containing 6,840,339 unique user accounts from the recent StockX data breach was put up for sale on dark web forums by cybercriminals.
What is the impact?
A security researcher named Jim Scott informed BleepingComputer that the StockX database was originally being sold on the Apollon marketplace for $300. Later, researchers found the exposed credentials being distributed on underground hacker forums for as little as $2.15.
Because the data is priced so low, it can easily end up in the hands of threat actors, who can use it to perform credential stuffing attacks.
Several threat actors also claimed to have decrypted thousands of passwords from the exposed database. “For those who do not want to deal with the decrypting of the passwords, one person has allegedly decrypted 367,000 accounts from the database and is selling them for $400,” BleepingComputer reported.
What data was compromised?
The database contained personal information of 6,840,339 StockX users. The exposed information included:
- User names
- Email addresses
- Shoe size
- Purchase history
- Encrypted passwords
About the StockX data breach
Last week, it was revealed that the fashion and sneaker trading platform StockX suffered a data breach incident in July 2019. On August 8, the company sent password reset emails to its users, citing “system updates”. However, an anonymous source contacted TechCrunch claiming that the site was hacked in May 2019 and that over 6.8 million user records were stolen by a hacker. Soon afterwards, the stolen data was found listed for sale on a dark web forum.
How to stay safe?
All users can check whether their information was exposed in this breach by entering their email address at the Have I Been Pwned website.
Affected StockX users are advised to change their passwords immediately. Users must also change the password on any other account where they used the same exposed password.