What Happened
In 2025, TRAXNYC, a prominent New York City luxury jewelry retailer, suffered a major data breach between August and October, when hacker “wikkid” claimed responsibility for stealing and leaking 182,326 customer records from a file named traxnyc.csv on Darkforums.st, allegedly in retaliation for the company ignoring prior warnings. The exposed data included highly sensitive customer details such as full names, email addresses, phone numbers, shipping addresses, order IDs, order dates and times, order statuses, and product information, posing significant risks for phishing, identity theft, and fraud. Screenshots of the data were shared as proof, rapidly spreading across Telegram channels, X (formerly Twitter), and cybersecurity feeds, with no official statement from TRAXNYC as of the reports; a separate incident involved website downtime and $750K in losses from extortion attempts and DDoS-like attacks, but the leak focused on customer PII rather than financial data.
