Security News Largest Retail Breach in History: 350 Million “Hot Topic” Customers’ Personal & Payment Data Exposed

[Gandalf_The_Grey]

Content source

https://www.infostealers.com/article/largest-retail-breach-in-history-350-million-hot-topic-customers-personal-and-payment-data-exposed-as-a-result-of-infostealer-infection/

Conclusion

The stolen data from this breach  —  including personal information, payment details, and loyalty points  —  can be exploited by hackers for identity theft, financial fraud, and account takeovers.

The scale of this breach not only threatens individuals but also undermines trust in the affected companies, making it a significant reminder of the risks posed by Infostealer infections.

This year Infostealers served as the most powerful initial attack vector used by cybercriminals. They aided in the hacks of some of the world’s biggest companies including AT&T, Orange, Ticketmaster, Airbus.

Update 07/11/24 – Atlas Privacy obtained a copy of the Hot Topic database and allows users to search whether their email or phone were involved in the breach for free – Hot Topic 2024 | Search the Data Breach

Largest Retail Breach in History: 350 Million "Hot Topic" Customers’ Personal & Payment Data Exposed — As a Result of Infostealer Infection | InfoStealers

On October 21st, a prominent threat actor using the username “Satanic” posts a thread in which they seek to sell various databases relating to three major retail companies :  Hot Topic, Torrid, and Box Lunch (all of which are founded by Hot Topic).

www.infostealers.com

 

[jackuars]

Hot Topic Breach Confirmed, Millions of Credit Cards, Email Addresses Exposed

The stolen database contains 54 million unique email addresses and 'lightly encrypted' credit card information for 25 million users, which can be decrypted, according to Atlas Privacy.

www.pcmag.com

"In some good news, the 730GB database doesn’t contain customer details on 350 million users as the hacker previously boasted. Still, it holds unique email addresses on 54 million users, according to Atlas Privacy, which has been analyzing the stolen information. "

 

[Gandalf_The_Grey]

Hot Topic Breach Confirmed, Millions of Credit Cards, Email Addresses Exposed

The stolen database contains 54 million unique email addresses and 'lightly encrypted' credit card information for 25 million users, which can be decrypted, according to Atlas Privacy.

www.pcmag.com

The other alarming discovery is that the database contains details on 25 million credit card numbers, which have only been “lightly encrypted,” making it possible to decrypt the data, including their expiration date numbers, Atlas Privacy told PCMag in an interview.