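Tall trees catch the wind, and this is a big one! Online sneaker resale platform StockX reportedly had 6.8 million member records stolen by hackers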

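StockX is a platform that anyone who follows sneakers is bound to know. Streetwear enthusiasts and serious sneakerheads largely regard it as the sneaker resale platform with the most accurate current market prices, and its valuation passed US$1 billion early on. There is hardly a shoe you cannot buy here; the price simply follows whatever the current trend is!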

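This time, however, this major platform has run into serious trouble. Recent reports say StockX was breached by hackers who stole as many as 6.8 million user records, including names, email addresses and users' preferred shoe sizes; even the operating system of the device each user connected from is in the stolen data. The news quickly alarmed the streetwear community. Someone even posed as a buyer of the data on the dark web and, after checking with StockX, confirmed that the data had indeed been stolen, which further confirms that the data is being sold!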

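Regarding the incident, StockX has issued a statement saying it is investigating, and has told users of its platform that if they receive the email they should change their account password as soon as possible to keep their personal data from being misused. In this age of pervasive internet use, a personal data leak like this has caused real panic and worry among users, and if it is handled badly the platform's standing could plummet!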


The content of the StockX email is as follows:

Dear Customer,
StockX cares deeply about the privacy of our customers. In recent days, our company has discovered a data security issue, and we want to provide you with an update on this situation.
We were alerted to suspicious activity potentially involving customer data. Upon learning of the suspicious activity, we immediately launched a comprehensive forensic investigation and engaged third-party data incident and forensic experts to assist. Though our investigation remains ongoing, forensic evidence to date suggests that an unknown third-party was able to gain access to certain customer data, including customer name, email address, shipping address, username, hashed passwords, and purchase history. From our investigation to date, there is no evidence to suggest that customer financial or payment information has been impacted.
While conducting our forensic investigation into the suspicious activity, and out of an abundance of caution, we implemented immediate infrastructure changes to mitigate and address any potential effects of the suspicious activity. These infrastructure changes included:
- a system-wide security update;
- a full password reset of all customer passwords with an email to customers alerting them about resetting their passwords;
- high-frequency credential rotation on all servers and devices; and
- a lockdown of our cloud computing perimeter
We want you to know that we took these steps proactively and immediately, because we had just begun our investigation and did not yet know the nature, extent, or scope of suspicious activity to which we had been alerted. Though we had incomplete information, we felt a responsibility to act immediately to protect our customers while our investigation continued—and we took steps to do so.
As we investigate, StockX will continue to take additional measures, as needed, to protect the privacy of our customers. In the meantime, out of an abundance of caution, we recommend that if you use your StockX password for other accounts, you change those passwords as well.
Again, we take data security and privacy very seriously, and will continue to communicate with our customers and work hard to protect those who trust us with their shopping experience.

