Topics

Latest

AI

Amazon

Article image

Image Credits:Bryce Durbin / TechCrunch

Apps

Biotech & Health

Climate

an illustration of a transparent hand grabbing at a laptop

Image Credits:Bryce Durbin / TechCrunch

Cloud Computing

Commerce

Crypto

endeavour

EVs

Fintech

Fundraising

contraption

Gaming

Google

Government & Policy

ironware

Instagram

Layoffs

Media & Entertainment

Meta

Microsoft

privateness

Robotics

security measure

societal

Space

Startups

TikTok

Transportation

Venture

More from TechCrunch

case

Startup Battlefield

StrictlyVC

Podcasts

Videos

Partner Content

TechCrunch Brand Studio

Crunchboard

Contact Us

Millions of client of Hot Topic have been informed that their personal data was compromised during an October data breach at the American retail merchant .

Have I Been Pwned ( HIBP ) , the breach notification service , said this calendar week that italerted57 million spicy Topic client that their data had been compromised .

The stolen data includes email addresses , physical addresses , earphone numbers , purchases , genders , and particular date of birth . fond credit card data was also let in in the breach , according to HIBP , include credit card type , expiry dates , and the last four digits of the posting phone number .

Hot Topic , which has more than 640 stores across the U.S. , has not yet confirmed the break and did not respond to TechCrunch ’s multiple request for comment .

The breach occurred on October 19 , according to HIBP , and was claimed by a scourge doer operating under the false name “ Satanic ” on October 21 . In a position on the cybercrime forum BreachForums , Satanic take to have slip 350 million exploiter records from Hot Topic and its affiliated brands , Box Lunch and Torrid .

The cyberpunk ab initio set about to sell the database for $ 20,000 and demand a $ 100,000 ransom money from Hot Topic to take down the entropy , according to a report card by cybersecurity firmHudson Rock .

In the post on BreachForums , seen by TechCrunch , Satanic is now offering the database for $ 3,500 .

Join us at TechCrunch Sessions: AI

Exhibit at TechCrunch Sessions: AI

The nature of the security incident that leave to the breach is unknown . consort to a report fromHudson Rock , the threat thespian may have leveraged credential stolen viainfostealermalware to slip credentials for an analytics political program used by Hot Topic to reach the retailer ’s cloud surround .

It does n’t appear that Hot Topic has yet notified customers or state offices of lawyer general about the information breach .