‘Satanic’ Hacker Allegedly Steals Information of 350M Hot Topic Customers
A security firm reveals evidence that the hacker attacked Hot Topic by targeting an employee at a third-party retail analytics platform.
A hacker by the name ‘Satanic’ claims to have stolen the records, including personal information of about 350 million customers of fashion retailer Hot Topic. Hot Topic is an American fast-fashion company which specializes in pop-cultured inspired collections, band tees, and on-trend accessories as well as licensed music. Most of their audience ranges from teens to young adults.
Stolen Data Details
Israeli cybersecurity firm Hudson Rock reported that the hacker claims to have hacked the loyalty account of the fashion mega chain. Hacker says they obtained Personally Identifiable Information (PII) of 350 million users, including names, email addresses, physical addresses, and dates of birth which Hot Topic was asking its users to fill out for the loyalty program. The attacker claims to have the last four digits of customers’ credit cards, card types, hashed expiration dates and the names of the card holders though some financial details are partially protected. Satanic is selling the database for $20,000 and is asking Hot Topic to pay $100,000 to remove the sale.
Breach Investigation Unveiled
“By searching the keyword ‘hottopic’ in Hudson Rock’s Cavalier platform, researchers discovered an employee who was recently infected by an Infostealer on September 12th, 2024,” the cybersecurity vendor wrote in a blog post. “With over 240 credentials found on the [compromised] machine, many of which are corporate, researchers determined that this person is employed at a company called ‘Robling,’ whose description is ‘Helping retailers unite data across silos.’”
Expert analysis
The data was exposed after the hacker installed password-stealing malware on the employee’s system. The findings suggested that the employee at Robling was trying to analyze Hot Topic’s data through cloud platforms such as Snowflake, Microsoft Azure, and Google’s Looker. The cybersecurity company found the infection since Hudson Rock runs Cavalier, a cyber intelligence platform that tracks hacked computers to alert clients.
Hudson Rock researchers reached out to Satanic, who gave them a username that matched the one found on the compromised computer. “Lastly, Satanic claimed, we emphasize, the hacker CLAIMED, that the breach originated from a lack of MFA (multi-factor authentication) on a Snowflake account along with ‘other links,'” Hudson Rock added.
Impact and risks
Hot Topic and Robling have not responded to a request for comment. Meanwhile, Hudson Rock warns that the stolen information could be used to target affected customers with fraud, phishing, and identity theft. Satanic claims they stole 680GB of data, including 116GB related to customer information.
Hudson Rock says that Satanic is well-known for data-thieving and earns a substantial income by selling the stolen data.
The data theft is large, but it will likely have a small impact. It is upsetting for individuals to have their personal information stolen, but the database will not be very useful. It might be exploited for a fashion-related phishing scam, but beyond that, its value seems really low.