U.S. fast fashion retailer Hot Topic and its subsidiaries Torrid and Box Lunch were noted by Have I Been Pwned to have had more than 56.9 million customers' data — including full names, birthdates, physical and email addresses, phone numbers, purchase history, and partial credit card details — compromised as part of a recent data breach claimed by the threat actor Satanic, BleepingComputer reports.
Such a disclosure by HIBP comes after Satanic admitted to having stolen a database from Hot Topic, Torrid, and Box Lunch containing 350 million user records following a breach, which is believed by Hudson Rock to have been conducted through an information-stealing malware attack against Hot Topic's data unification service. Another analysis from Atlas Privacy revealed that Satanic's stolen database had information from 54 million customers spanning more than a decade, including 25 million weakly encrypted credit card numbers. Almost half of the exposed email addresses were not involved in prior data breaches, according to Atlas Privacy.