StockX is offering free fraud detection and identity theft protection after data breach


On August 1 popular online marketplace for sneakers, streetwear, handbags, and luxury watches StockX was the victim of a massive data breach where the records of 6.8 million users were compromised.

Now to make amends StockX CEO Scott Cutler has sent an email to StockX users saying that the company is offering 12 months of free fraud detection and identity theft protection.

The email goes further into the events that led up to the breach. On August 1, users got a seemingly innocent email from StockX. It urged customers to change their passwords because the online marketplace popular among sneakerheads had undergone a system update. The reality was that the platform was hacked. The newest correspondence from the company told users that on July 26, it was alerted to suspicious activity potentially involving customer data.

StockX now claims that evidence showed that an unknown third party was able to “gain unauthorized access to certain customer data from our cloud environment on or around May 14, 2019.” The information that was breached included customer name, email address, shipping address, username, hashed passwords, and purchase history.

Tags that are placed on items that have been authenticated by Stock X are pictured in their offices on January 10, 2018 in Detroit, Michigan. This bag was sold for $1200 USD and the money will be refunded to the seller. StockX is a live auction site for resale of high-end sneakers, handbags, streetwear and watches. StockX experts authenticate items sold through their site. / AFP PHOTO / JEFF KOWALSKY / With AFP Story by Luc OLINGA        (Photo credit should read JEFF KOWALSKY/AFP/Getty Images)
Tags that are placed on items that have been authenticated by Stock X are pictured in their offices on January 10, 2018 in Detroit, Michigan. (JEFF KOWALSKY/AFP/Getty Images)

In the wake of the hack, the company said it has taken “proactive steps to implement infrastructure changes to mitigate and address any potential effects of the suspicious activity such as a system-wide security update; a full reset of all customer passwords, with an email to customers alerting them about resetting their passwords; high-frequency credential rotation on all servers and devices; and a lockdown of our cloud computing perimeter.”

The 12 months of fraud protection being offered to StockX users is provided through “ID Experts.” According to the email, the company is also offering “CyberScan monitoring, fully managed id theft recovery services, a $1,000,000 insurance reimbursement policy, and 12 months of free credit monitoring.”

StockX still maintains that there is no evidence that any financial customer or payment information has been affected by the breach.

Reggie Wade is a writer for Yahoo Finance. Follow him on Twitter at @ReggieWade.

Read more:

Follow Yahoo Finance on Twitter, Facebook, Instagram, Flipboard, LinkedIn, and reddit.