Jump to content

Search the Community

Showing results for tags 'hot topic'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


LinkedIn Profile URL


About Me


Cloud Platforms


Cloud Experience


Development Experience


Current Role


Skills


Certifications


Favourite Tools


Interests

Found 1 result

  1. Hot Topic customer may have been victims of a cyberattack when unknown actors tried to log into their accounts, the company has confirmed. In a breach notification letter sent to its customers, which was later picked up by BleepingComputer, the clothing store said that unidentified threat actors engaged in credential stuffing on November 18-19, and November 25, last year. With credential stuffing, an attacker tries a large number of username/password combinations against a service, until one combination works. Automation is usually deployed to speed the process up. User data taken According to Hot Topic, certain Hot Topic Rewards accounts were accessed during that time (the company didn’t specify how many), prompting the subsequent investigation. The company doesn’t know who the attackers are, or if they even managed to log into a noteworthy number of accounts. They also said they don’t know where the attackers got the login credentials from, but are certain they didn’t get it from Hot Topic. The breach notification letter was sent “out of an abundance of caution”. If the threat actors did manage to log into an account, they would have been able to obtain the user’s full name, email address, order history, month and day of birth, and mailing address. Not a lot, but still enough to run some forms of phishing or identity theft attacks. Compromised users who saved their credit card details on the platform shouldn’t worry too much, as just the last four digits of the card were visible, the company concluded. Hot Topic has since reset user passwords, and deployed counter-measures to protect both the website, and the app, from credential stuffing attacks. External cybersecurity experts were also brought in, the company concluded. Hot Topic has more than 600 stores in the US and Canada, employing more than 10,000 people. More from TechRadar Pro What is credential stuffing, and how does it work?Here's a list of the best firewalls around todayThese are the best endpoint security tools right now View the full article
  • Forum Statistics

    63.6k
    Total Topics
    61.7k
    Total Posts
×
×
  • Create New...