A cybersecurity vendor has uncovered evidence that a hacker stole data from fashion retailer Hot Topic, including the personal data of millions of customers.
Israeli cybersecurity firm Hudson Rock is warning of the alleged breach after a hacker began selling access to a database full of customer information stolen from Hot Topic and two related brands, BoxLunch and Torrid.
The hacker, who goes by the name “Satanik”, claims the database contains details on 350 million users, including names, email addresses, physical addresses and dates of birth – all information that Hot Topic was asking users to fill in for her loyalty. program. Satanic is offering the database for $20,000 while demanding that Hot Topic pay $100,000 to drop the sale.
This tweet is currently unavailable. It may be loading or it has been removed.
Hudson Rock says the breach is credible after it discovered evidence that an employee’s computer at third-party retail analytics firm Robling was infected with malware. The cybersecurity firm identified the infection since Hudson Rock operates Cavalier, a cyber intelligence platform that monitors compromised computers with the goal of alerting customers.
“By searching for the keyword ‘hottopic’ on Hudson Rock’s Cavalier platform, researchers discovered an employee who was recently infected by an Infostealer on September 12, 2024,” the cybersecurity vendor wrote in a blog post. “With over 240 credentials found in [compromised] machines, many of which are corporations, the researchers determined that this person is employed by a company called ‘Robling’, whose description is ‘Helping retailers merge data across silos’”.
(Credit: Hudson Rock)
The finding suggests the Robling employee was trying to analyze Hot Topic’s data through cloud platforms like Snowflake, Microsoft Azure and Google’s Looker. However, the data was exposed after a hacker installed password-stealing malware on the employee’s computer.
Hudson Rock researchers contacted Satanic, who provided a username that matched the one found on the compromised computer. “Most recently, Satanic claimed, we stress, the hacker DENIED, that the breach stemmed from a lack of MFA (multi-factor authentication) on a Snowflake account along with ‘other links,'” Hudson Rock added.
Recommended by our Editors
Hot Topic and Robling did not immediately respond to a request for comment. Meanwhile, Hudson Rock is warning that the stolen information could be used to target affected customers with fraud, phishing and identity theft schemes. Satanic is saying they stole 680GB of data, including 116GB related to customer information.
Whether the hacker stole the data of 350 million users has not been confirmed. Hudson Rock CTO Alon Gal tells PCMag that Satanic originally boasted of stealing data for 1 billion users, but has since revised the estimate. “I asked him how unique, he said 350 meters and later edited the subject,” added Gal.
Like what you’re reading?
Register for Security Watch newsletter for our best privacy and security stories delivered straight to your inbox.
This newsletter may contain advertisements, deals or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You can unsubscribe from newsletters at any time.
About Michael Kahn
Senior reporter
