{"id":70150,"date":"2019-08-08T16:01:17","date_gmt":"2019-08-08T20:01:17","guid":{"rendered":"https:\/\/stockx.com\/news\/?p=70150"},"modified":"2019-08-08T17:43:30","modified_gmt":"2019-08-08T21:43:30","slug":"update-on-data-security-issue","status":"publish","type":"post","link":"https:\/\/stockx.com\/news\/update-on-data-security-issue\/","title":{"rendered":"Update on Data Security Issue"},"content":{"rendered":"<p><em><strong>UPDATE &#8211; 08\/08\/2019<\/strong><\/em><\/p>\n<p><i><span style=\"font-weight: 400;\">We wanted to follow up on the email customers received from us on August 3, 2019 and to provide additional information about the data security incident we recently discovered.<\/span><\/i><\/p>\n<p><i><span style=\"font-weight: 400;\">First, let us say how much we regret that customers are dealing with this issue at all. We take the trust you place in us very seriously, and this is not the kind of experience we want for our community.\u00a0<\/span><\/i><\/p>\n<p><i><span style=\"font-weight: 400;\">While we have worked to do everything we could to best protect our customers, when we first communicated we did not have much information, which unfortunately is a frustrating reality of data incidents. We hope our August 8<\/span><\/i><i><span style=\"font-weight: 400;\">th<\/span><\/i><i><span style=\"font-weight: 400;\"> <a href=\"https:\/\/s3.amazonaws.com\/stockx-sneaker-analysis\/wp-content\/uploads\/2019\/08\/StockX-Notice-of-Data-Breach-8.8.19.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">Customer Notification letter<\/a>\u00a0will<\/span><\/i><i><span style=\"font-weight: 400;\">\u00a0provide better clarity into the timeline and our actions, but regardless, we do want to deeply apologize for any confusion.\u00a0<\/span><\/i><\/p>\n<p><i><span style=\"font-weight: 400;\">We hope this will provide you with additional facts about the incident, steps we took in response to protect you, and measures we are taking to remediate any potential effects of the suspicious activity to which we have been alerted.\u00a0<\/span><\/i><\/p>\n<p><i><span style=\"font-weight: 400;\">Please know how important you and all our customers are to this community, and that your privacy and security are a top priority for us.\u00a0<\/span><\/i><\/p>\n<p><i><span style=\"font-weight: 400;\">Below you will find an FAQ on the matter. The original August 3<\/span><\/i><i><span style=\"font-weight: 400;\">rd<\/span><\/i><i><span style=\"font-weight: 400;\"> communication to customers can be found below, and the August 8<\/span><\/i><i><span style=\"font-weight: 400;\">th<\/span><\/i><i><span style=\"font-weight: 400;\"> letter to customers can be found <a href=\"https:\/\/s3.amazonaws.com\/stockx-sneaker-analysis\/wp-content\/uploads\/2019\/08\/StockX-Notice-of-Data-Breach-8.8.19.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/span><\/i><\/p>\n<p><b><i>What happened?\u00a0<\/i><\/b><\/p>\n<p><span style=\"font-weight: 400;\">On July 26, 2019, we were alerted to suspicious activity potentially involving our customer data. We immediately launched a forensic investigation and engaged experienced third-party data experts to assist. Though our investigation remains ongoing, forensic evidence to date suggests that an unknown third-party was able to gain access to certain customer data, including customer name, email address, address, username, hashed passwords, and purchase history. From our investigation to date, there is no evidence to suggest that customer financial or payment information has been impacted.\u00a0\u00a0<\/span><\/p>\n<p><b><i>What personal information was involved?<\/i><\/b><\/p>\n<p><i><span style=\"font-weight: 400;\">Though our investigation remains ongoing, forensic evidence to date suggests that an unknown third-party was able to gain unauthorized access to certain customer data, including customer name, email address, address, username, hashed passwords, and purchase history. From our investigation to date, there is no evidence to suggest that customer financial or payment information has been impacted.\u00a0<\/span><\/i><\/p>\n<p><b><i>What did StockX do in response?\u00a0<\/i><\/b><\/p>\n<p><i><span style=\"font-weight: 400;\">Upon first learning of the suspicious activity, we immediately launched an internal forensic investigation into the reported activity. On the same day, we engaged third-party data incident and forensic experts to assist with the investigation. While we were conducting our forensic investigation into the suspicious activity, we took proactive steps to implement infrastructure changes to mitigate and address any potential effects of the suspicious activity, including deploying a system-wide upgrade and full password reset. We have also contacted law enforcement and have been working with them in their efforts to catch the perpetrator. Once our investigation revealed evidence to suggest customer data may have been accessed by an unknown third party, we sent customers an email on August 3, 2019 to make them aware of the incident, and thereafter sent a more detailed notification to our customers with further information regarding the incident. As our investigation continues, we will continue to communicate with our customers about the incident as necessary.<\/span><\/i><\/p>\n<p><b><i>What is StockX doing for me?<\/i><\/b><\/p>\n<p><i><span style=\"font-weight: 400;\">While we were conducting our forensic investigation into the suspicious activity, we initially took some proactive and immediate steps to implement infrastructure changes to mitigate and address any potential effects of the suspicious activity. These infrastructure changes included: a system-wide update to upgrade the encryption of customer passwords; a full password reset of all customer passwords with an email to customers alerting them about resetting their passwords; high-frequency credential rotation on all servers and devices; and a lockdown of our cloud computing perimeter.<\/span><\/i><\/p>\n<p><i><span style=\"font-weight: 400;\">Additionally, out of an abundance of caution, we have arranged for you to have <\/span><\/i><b><i>12 months<\/i><\/b><i><span style=\"font-weight: 400;\"> of <\/span><\/i><b><i>free<\/i><\/b><i><span style=\"font-weight: 400;\"> fraud detection and identity theft protection through ID Experts\u00ae to provide you with <a href=\"https:\/\/ide.myidcare.com\/stockx\" target=\"_blank\" rel=\"noopener noreferrer\">MyIDCare\u2122<\/a><\/span><\/i><i><span style=\"font-weight: 400;\">. MyIDCare services include: CyberScan monitoring, fully managed id theft recovery services, a $1,000,000 insurance reimbursement policy, and 12 months of free credit monitoring. With this protection, MyIDCare will help you resolve issues if your identity is compromised.\u00a0<\/span><\/i><\/p>\n<p><b><i>What else can I do to protect myself?<\/i><\/b><\/p>\n<p><i><span style=\"font-weight: 400;\">We encourage you to regularly review and monitor your credit and debit card statements and credit reports, and report any suspicious or unrecognized activity immediately. Rather than waiting to receive monthly statements you may want to review them online. You can also ask the issuing bank what options for additional account security they may offer. Although the passwords impacted by the incident were hashed, if you used that StockX password for any other accounts, we would recommend that you change the password for those accounts as well.<\/span><\/i><\/p>\n<p><b><i>What if I have additional questions about this incident?<\/i><\/b><\/p>\n<p><i><span style=\"font-weight: 400;\">We encourage you to contact ID Experts with any questions and to enroll in the free MyIDCare services by calling (833) 300-6935 (if you are calling from the United States) or +1-971-317-8411 (if you are calling from outside of the United States) or by going to <\/span><\/i><a href=\"https:\/\/ide.myidcare.com\/stockx\"><i><span style=\"font-weight: 400;\">https:\/\/ide.myidcare.com\/stockx<\/span><\/i><\/a><i><span style=\"font-weight: 400;\">. Please note the deadline to enroll is November 8, 2019.<\/span><\/i><\/p>\n<p>&nbsp;<\/p>\n<p style=\"text-align: center;\">&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<\/p>\n<p><em><strong>Original post as of 08\/03\/2019<\/strong><\/em><\/p>\n<p><span style=\"font-weight: 400;\">StockX cares deeply about the privacy of our customers. In recent days, our company has discovered a data security issue, and we want to provide you with an update on this situation.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">We were alerted to suspicious activity potentially involving customer data. Upon learning of the suspicious activity, we immediately launched a comprehensive forensic investigation and engaged third-party data incident and forensic experts to assist. Though our investigation remains ongoing, forensic evidence to date suggests that an unknown third-party was able to gain access to certain customer data, including customer name, email address, shipping address, username, hashed passwords, and purchase history. From our investigation to date, there is no evidence to suggest that customer financial or payment information has been impacted.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">While conducting our forensic investigation into the suspicious activity, and out of an abundance of caution, we implemented immediate infrastructure changes to mitigate and address any potential effects of the suspicious activity. These infrastructure changes included:<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">a system-wide security update;<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">a full password reset of all customer passwords with an email to customers alerting them about resetting their passwords;\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">high-frequency credential rotation on all servers and devices; and<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">a lockdown of our cloud computing perimeter<\/span><\/li>\n<\/ol>\n<p><span style=\"font-weight: 400;\"><br \/>\nWe want you to know that we took these steps proactively and immediately, because we had just begun our investigation and did not yet know the nature, extent, or scope of suspicious activity to which we had been alerted. Though we had incomplete information, we felt a responsibility to act immediately to protect our customers while our investigation continued\u2014and we took steps to do so.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As we investigate, StockX will continue to take additional measures, as needed, to protect the privacy of our customers. In the meantime, out of an abundance of caution, we recommend that if you use your StockX password for other accounts, you change those passwords as well.<\/span><\/p>\n<div dir=\"ltr\">\n<div>Again, we take data security and privacy very seriously, and will continue to communicate with our customers and work hard to protect those who trust us with their shopping experience.<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>UPDATE &#8211; 08\/08\/2019 We wanted to follow up on the email customers received from us on August 3, 2019 and to provide additional information about the data security incident we recently discovered. First, let us say how much we regret that customers are dealing with this issue at all. We take the trust you place [&hellip;]<\/p>\n","protected":false},"author":67,"featured_media":70679,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[],"tags":[],"brands":[],"series":[],"verticals":[],"class_list":["post-70150","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Update on Data Security Issue - StockX News<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/stockx.com\/news\/update-on-data-security-issue\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Update on Data Security Issue - StockX News\" \/>\n<meta property=\"og:description\" content=\"UPDATE &#8211; 08\/08\/2019 We wanted to follow up on the email customers received from us on August 3, 2019 and to provide additional information about the data security incident we recently discovered. First, let us say how much we regret that customers are dealing with this issue at all. We take the trust you place [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/stockx.com\/news\/update-on-data-security-issue\/\" \/>\n<meta property=\"og:site_name\" content=\"StockX News\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/stockxdotcom\" \/>\n<meta property=\"article:published_time\" content=\"2019-08-08T20:01:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-08-08T21:43:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/d15lrsitp7y7u.cloudfront.net\/wp-content\/uploads\/2019\/08\/LOGO.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"700\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"StockX\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@stockx\" \/>\n<meta name=\"twitter:site\" content=\"@stockx\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"StockX\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Update on Data Security Issue - StockX News","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/stockx.com\/news\/update-on-data-security-issue\/","og_locale":"en_US","og_type":"article","og_title":"Update on Data Security Issue - StockX News","og_description":"UPDATE &#8211; 08\/08\/2019 We wanted to follow up on the email customers received from us on August 3, 2019 and to provide additional information about the data security incident we recently discovered. First, let us say how much we regret that customers are dealing with this issue at all. We take the trust you place [&hellip;]","og_url":"https:\/\/stockx.com\/news\/update-on-data-security-issue\/","og_site_name":"StockX News","article_publisher":"https:\/\/www.facebook.com\/stockxdotcom","article_published_time":"2019-08-08T20:01:17+00:00","article_modified_time":"2019-08-08T21:43:30+00:00","og_image":[{"width":700,"height":500,"url":"https:\/\/d15lrsitp7y7u.cloudfront.net\/wp-content\/uploads\/2019\/08\/LOGO.jpg","type":"image\/jpeg"}],"author":"StockX","twitter_card":"summary_large_image","twitter_creator":"@stockx","twitter_site":"@stockx","twitter_misc":{"Written by":"StockX","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/stockx.com\/news\/update-on-data-security-issue\/","url":"https:\/\/stockx.com\/news\/update-on-data-security-issue\/","name":"Update on Data Security Issue - StockX News","isPartOf":{"@id":"https:\/\/stockx.com\/news\/#website"},"primaryImageOfPage":{"@id":"https:\/\/stockx.com\/news\/update-on-data-security-issue\/#primaryimage"},"image":{"@id":"https:\/\/stockx.com\/news\/update-on-data-security-issue\/#primaryimage"},"thumbnailUrl":"https:\/\/images-wp.stockx.com\/news\/wp-content\/uploads\/2019\/08\/LOGO.jpg","datePublished":"2019-08-08T20:01:17+00:00","dateModified":"2019-08-08T21:43:30+00:00","author":{"@id":"https:\/\/stockx.com\/news\/#\/schema\/person\/530fbaf14782dfa489fc36d6b893f968"},"breadcrumb":{"@id":"https:\/\/stockx.com\/news\/update-on-data-security-issue\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/stockx.com\/news\/update-on-data-security-issue\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/stockx.com\/news\/update-on-data-security-issue\/#primaryimage","url":"https:\/\/images-wp.stockx.com\/news\/wp-content\/uploads\/2019\/08\/LOGO.jpg","contentUrl":"https:\/\/images-wp.stockx.com\/news\/wp-content\/uploads\/2019\/08\/LOGO.jpg","width":700,"height":500},{"@type":"BreadcrumbList","@id":"https:\/\/stockx.com\/news\/update-on-data-security-issue\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/stockx.com\/news\/"},{"@type":"ListItem","position":2,"name":"Update on Data Security Issue"}]},{"@type":"Person","@id":"https:\/\/stockx.com\/news\/#\/schema\/person\/530fbaf14782dfa489fc36d6b893f968","name":"StockX","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/stockx.com\/news\/#\/schema\/person\/image\/","url":"https:\/\/images-wp.stockx.com\/news\/wp-content\/uploads\/2021\/04\/StockXAuthor.jpg","contentUrl":"https:\/\/images-wp.stockx.com\/news\/wp-content\/uploads\/2021\/04\/StockXAuthor.jpg","caption":"StockX"},"url":"https:\/\/stockx.com\/news\/author\/stockx\/"}]}},"article":{"url":"https:\/\/stockx.com\/news\/update-on-data-security-issue\/","title":"Update on Data Security Issue","date":"August 8, 2019","category":"","featured_image_url":"https:\/\/images-wp.stockx.com\/news\/wp-content\/uploads\/2019\/08\/LOGO.jpg","verticals":[],"author":{"url":"https:\/\/stockx.com\/news\/author\/stockx\/","name":"StockX"}},"_links":{"self":[{"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/posts\/70150","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/users\/67"}],"replies":[{"embeddable":true,"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/comments?post=70150"}],"version-history":[{"count":3,"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/posts\/70150\/revisions"}],"predecessor-version":[{"id":70681,"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/posts\/70150\/revisions\/70681"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/media\/70679"}],"wp:attachment":[{"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/media?parent=70150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/categories?post=70150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/tags?post=70150"},{"taxonomy":"sx_brand","embeddable":true,"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/brands?post=70150"},{"taxonomy":"sx_series","embeddable":true,"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/series?post=70150"},{"taxonomy":"sx_vertical","embeddable":true,"href":"https:\/\/stockx.com\/news\/wp-json\/wp\/v2\/verticals?post=70150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}