Data breaches are always bad, and they’re even worse when they affect several million people. This latest breach of several major lifestyle chains and reportedly impacts 57 million customers.
A massive data breach has reportedly exposed the personal information of almost 57 million Hot Topic, Box Lunch, and Torrid customers. The leaked data includes names, addresses, phone numbers, dates of birth, and partial credit card information.
The breach was first reported on October 21, 2024 by a threat actor known as “Satanic” who actually claimed at first to have stolen about 350 million user records—so this whole situation could be much worse than we’re reporting right now. The hacker initially attempted to sell the database for $20,000 and demanded a $100,000 ransom from Hot Topic to take down the information.
Hot Topic has not officially confirmed the breach as of this moment, but data analytics firm Atlas Privacy has verified the authenticity of the leaked data. Their analysis suggests that the breach occurred on October 19, 2024 and impacts approximately 54 million customers. What’s perhaps more worrying about this is that the compromised data includes 25 million credit card numbers encrypted with a weak cipher that is easily deciphered. If you have ever bought stuff at Hot Topic, you should probably call your bank to have your credit cards reissued and keep an eye out for any suspicious actions in the future.
Once you get the credit card situation sorted out, you should also change your password if you happen to use the same password there as in other services. Hot Topic should also probably email you with any next steps about your account, but since the company hasn’t officially confirmed there’s been a breach in the first place, we don’t know if that will happen soon.
Source: Bleeping Computer
