Stiiizy Gets Busy with Cybersecurity Cleanup After Major Breach

In late November 2024, Stiiizy found itself in a cyber storm when a trusted vendor revealed they’d been hit by an organized crime group. Between October 10 and November 10, digital thieves slipped into the vendor’s systems, accessing customer information tied to Stiiizy shops in San Francisco, Alameda, and Modesto. The kind of information no one wants out in the wild—names, addresses, ID details, transaction records, and even snapshots of government cards.

The Fallout

Once the breach was confirmed, the company moved fast, notifying 380,000 individuals and offering them a year of credit monitoring and fraud support. But the shadows of the internet don’t let go so easily. The Everest ransomware crew claimed responsibility, boasting about stealing over 420,000 customer profiles. By December, some of that stolen info was leaked, a ransom left unpaid, and more threats hanging in the air.

The Bigger Picture

Stiiizy isn’t just another brand; it’s a cultural juggernaut with 34 locations and over 1,700 employees. Built on California’s unique vibe since 2017, it’s been riding the wave of rapid growth in a space where identity verification isn’t just routine—it’s the law. But when your entire business is rooted in compliance and trust, a crack in the foundation can shake things up.