Hot Topic customers' personal information, including their credit card details and phone numbers, have been accessed by hackers during a data breach on a clothing brand last November.
Several customers reportedly received an email from Hot Topic on Monday telling people to be careful of automated "credential stuffing" attacks, or the use of stolen personal information to website login forms to access personal user accounts.
(Photo : Malls of America)
The company has already detected hackers illegally using valid account details to access an "unknown third-party source" following the data breach, although it is not certain how many shoppers have been affected yet.
Hot Topic is currently still investigating the cyberattack as it works with cyber experts to improve security measures against similar attacks in the future.
Also Read: Hackers Are Selling 15,000 Breached Roku Accounts Online
How to Protect Personal Info from Hot Topic Cyberattack?
Although it is not certain which customers have been affected by the breach, Hot Topic is notifying all of its shoppers to employ some safety measures to avoid falling victim to possible cyberattacks.
In addition to employing security bots to the account, Hot Topic advised customers to set new passwords on their accounts on the clothing store's online platforms.
It is recommended to also install two-factor verification systems to accounts that can access finances or use more secure digital protection systems to prevent personal cyberattacks.
Related Article: VF Corp Reports 35.5 Million Customer Data Stolen from Cyberattack
More Cyberattacks in the US Amid AI Boom
The data breach on Hot Topic follows a surge in cyberattacks in US businesses last year as bad actors have reportedly started using AI in their operations.
Most notorious are ransomware attacks targeting major franchises, like casinos and healthcare, to steal millions of dollars from the companies.
Microsoft, in cooperation with OpenAI, has already alerted companies and authorities that hackers have been noted to be using chatbots and deepfakes to scam or deceive employees to illegally gain access to company data.
