As StockX reached Unicorn status, Josh Luber stepped down as CEO of the company he created. This happened at the end of June. However, according to Tech Crunch, “An unnamed data breached seller contacted TechCrunch claiming more than 6.8 million records were stolen from the site in May by a hacker. The seller declined to say how they obtained the data.” When investments occur all information must be disclosed to avoid the perception of impropriety. The questions that should be asked is if the “$110 million in a Series C funding round led by DST Global, General Atlantic and GGV Capital,” (Forbes) can be retracted? The questions users should have is what exactly was stolen and should the credit cards associated with StockX accounts be cancelled? There are a host of other questions, but my primary question is if a seller like me (over a million dollars in 18 months) wasn’t notified, and I’m not saying I’m more important than a kid who only sold or bought one pair, doesn’t this hint at the fragility of the third party marketplace?
To be honest any marketplace created has been hacked before:
Amazon: https://www.hackread.com/amazon-suffers-security-breach/
eBay https://www.cnet.com/news/ebay-hacked-requests-all-users-change-passwords/
From Amazon to eBay, hacking remains a constant threat to anyone who has made the effort to join the ranks of online business. My own site currently carries a hack in its header that I had to purchase several programs to fix, and still when someone shares a link from my site the chance that the information showing up in that link will show the information for a casino is still there. While the hack has been cleaned and isn’t harmful I have yet to find the malicious code. It’s irritating but not something to worry about, but it is one of the reasons why my e-commerce store is no longer active as the place I sell.
My own e-commerce store is now an affiliate site. It used to make a nice amount of money by forwarding buyers to Amazon and eBay, but now that most sales take place on StockX for premium pairs in third party, it’s just a placeholder until I decide which direction to move the business. That’s a different post.
I shut down my own store because I didn’t want customers registering for the site to worry about their data. I chose to sell through StockX. Although I tell anyone who will listen to establish their own site before joining a third party, I sell there because the site has given me benefits that aren’t granted to everyday sellers, but last night when Rashone Bryant from Sneaker Box Podcast posted a message on LinkedIn, I realized that being a big seller with a personal representative on StockX means very little as no one reached out to tell me anything in May and they didn’t even explain all of the issues that were affecting the site over the last few days. When the password request arrived, I didn’t even think to ask why because it’s back to school season and my sales on the platform have skyrocketed which has kept me busy.
I wrote my rep late last night to ask what was happening and I haven’t heard anything yet. Which only serves to remind me that what I wrote in my book Nike’s Consumer Direct Offense, Amazon & StockX: The Disruption of Sneaker Retail, StockX is a fragile unicorn. A business built on the backs of a group of sellers is only as strong as those sellers making a decision to remain sellers. This hack provides an opportunity for a call to arms. I could literally reach out to every seller I know, I’m the smallest of the VIPs in Memphis alone, I can pull together funding and establish an opponent to StockX and other sites. The collection of sellers I know here could immediately be a 10 million dollar a year company. The problem is I’ve grown accustomed to my early payout on StockX and so has everyone else.
Which unfortunately means one thing… this hack is newsworthy, but ultimately none of us are leaving which says more about us than it does StockX. So much for my thoughts on the fragility of the business.