So StockX got hacked

**** stockx

A79ABD04-D4D3-4E19-A86B-8AB84A927C58.jpeg
 
So someone from new Mexico logged in to my netflix...early this morning.
Smhh.
 
They need to setup two factor authentication. Some person on twitter claims to have been charged 18k and has been locked out of his account (password/email change), RIP.
 
Emailed stockx to close my account. Should had done it last month. Someone tried to log into my Yahoo email which is in my stockx account. I changed the password weeks ago and have the app verifier. So was able to deny the log in.

Stockx ****ed us over
 
Do y'all save y'all passwords to Google or just remember them all? I got way to many passwords to remember lol
 
I use LastPass as my password manager. Every site I have an account has a unique password including LastPass. I always use the maximum amount of characters for each password. There are plenty of others but I've been using it for about 3 years.
 
I didn’t get that email but the cover up is usually worse than the crime itself. Smh at StockX
 
Yeah I'm gonna delete mine too.

FOH with free credit monitoring as reimbursement for being compromised.
 
i use facebook to log in. i think that saved me. also i have a credit card that doesn't work anymore on my account.
 
In 2017 I asked Stock X to close my account and delete my data. Even though the account was closed, they retained all of my data, which was subsequently part of the hack. So I emailed them again a month ago asking for them to explain why they didn't originally delete my data. I also made a request under the GDPR to disclose exactly what data they still hold on me, and to also delete it. This is the response I got:


Dear xxxxx,

Data Subject Erasure Request

I write further to your Personal Data Erasure Request, as set out in your email dated 8/3/2019. We have undergone a review of the personal data that we hold about you and have deleted your personal data to which the right of erasure applies.

We can confirm that we have erased the following personal data about you.
  • Your personal preferences and settings, including:
    • Payment methods
    • Subscription to mailing lists
    • Encrypted password
    • User devices
    • IP addresses
We have not been able to erase the following information because we need to retain certain information for our legitimate legal, audit, and tax purposes.
  • Your name and contact details including:
    • First and Last Name
    • Email
    • Phone number
    • Billing addresses
    • Shipping addresses
  • Your transaction history
We have complied with your request to the extent possible, but note that some of your data is held in back-ups. This information is inaccessible due to how our back-ups are stored. In the event that we need to use a back-up containing your personal data to restore the other information, your personal data has been flagged for deletion, and will be erased prior to the back-up data being accessed, or will be deleted manually upon the back-up being restored.

The categories of recipients to whom we disclose personal data are:
  • Payment processing providers who provide secure payment processing services, such as PayPal Inc. (including Braintree) and Riskified Ltd.
  • Analytics, search engine providers and digital marketing providers that assist StockX in the improvement and optimization of its site and to grow and develop its business, such as Criteo, Facebook, Google, Ask Nicely Limited, AppsFlyer Inc., Snap Inc. and LiveRamp Holdings Inc.
  • Service providers of StockX who assist StockX in administering your account and to process and deliver your orders, such as Salesforce, Dropbox, Intercom, Inc., UPS, DHL, and Leanplum, Inc.
In respect of the companies listed above, this includes processing in countries outside the EEA, including in the USA, and these transfers of personal data are subject to appropriate safeguards such as the use of European Commission-approved model clauses, or privacy shield certification.

Personal data is held for as long as you have an account with us in order to meet our contractual obligations to you and for six years after that to identify any issues and resolve any legal proceedings. We may also retain aggregate information beyond this time for research purposes and to help us develop and improve our services. You cannot be identified from aggregate information retained or used for these purposes.

Your rights under data protection law include the rights to request your personal data are, where relevant, corrected or erased or restricted or under certain circumstances to object to the processing of personal data. You also have the right to make a complaint to a data protection regulator.

Yours sincerely,
Maureen Lesko
Senior Counsel, StockX
 
You must log in or register to reply here.

Thread Gallery

View Full Gallery

The ultimate sneaker enthusiast community.

NikeTalk was created as a way of giving back to both the sneaker enthusiast community and to the greater global community of which we are all a part.

NikeTalk is NOT affiliated with Nike Inc. in any way, shape, or form. All opinions expressed herein do not necessarily reflect those of Nike, Inc.

© 1999-2024 NikeTalk.com

Share this page

Back
Top Bottom