Hundreds of Accounts Hacked On Reselling App Vinted
After a massive scam, the company reacts.
Last Friday, users of the popular platform Vinted were in for a shock. Hackers targeted the website, emptying hundreds of virtual wallets. There are currently no accurate figures on the number of compromised accounts or the amount of money stolen. However, in an official statement, Vinted acknowledged the incident and vowed to take appropriate measures.
Vinted, a Lithuanian unicorn
Created in 2008 by Lithuanian Milda Mitkute and Justas Janauskas, Vinted is an online reselling platform. The idea came to Milda as she was planning a move and needed to shed some extra clothing. With her partner Justas, she initially launched Vinted for womenswear but later expanded to menswear and kids’ clothing.
Like Depop, Vinted allows users to trade belongings they no longer want. Products featured include clothes, accessories, makeup, and other second-hand items.
Once a small start-up, the website has experienced rapid growth in recent years. In 2010, Vinted launched in Germany under the name Kleiderkreisel. France, Belgium, and Spain would soon follow. After a leadership change in 2019, the company joined the closed ranks of the unicorns, tech companies valued at over a billion dollars.
Vinted is now available in Europe and Northern America. The site boasts over 65 million users (nicknamed Vinties) and 1,500 employees, according to June 2022 reports.
However, the ransom of success is that any arising issue rarely goes unnoticed. Last week, many French users (Vinted biggest market)noticed that their virtual wallet on Vinted was wiped out. Social media was rife with complaints.
The process of this scam is standard. First, users would receive an SMS or a phone call mentioning a four-digit code necessary to change their details on Vinted. Next, some victims are sent an e-mail announcing their details change. But, it is too late: the cybercriminals have already taken control of the account and pocketed the fruit of their sales.
Vinted acknowledged the hacking in a statement on Friday. However, they stated that:
the login information used was obtained from data accessed elsewhere, outside the platform, and not related to Vinted.
Furthermore, the company promised to restore access for customers and advise them to ensure the security of their accounts. On a good note, victims of this scam will be eligible for compensation for money lost in their Vinted wallets.