Topstep, a US-based futures exchange, has confirmed a serious data breach. The cyberattack, which occurred last September, compromised the personal information of many users, including their names and Social Security numbers. The company has now begun sending direct notifications to affected customers.
DDoS attack raises questions over possible user data exposure
In a letter to affected customers, Topstep confirmed that the data leak originated from a distributed denial-of-service (DDoS) attack on September 8, 2025. The company stated that this system intrusion was directly related to a cyberattack aimed at paralyzing the platform at that time.

Following a comprehensive internal review on December 3rd, Topstep confirmed that users’ personal information had been compromised. Specifically, from September 8th to October 16th, 2025, several files containing critical personal identification information were illegally accessed by a third party. This conclusion was reached after a rigorous internal examination by the company, intended to clarify the security breach and protect customers’ data rights.
However, Topstep unexpectedly reversed its statement, claiming that websites not affiliated with its system were the cause of the data leak.

Topstep asserted on X that its system was not compromised. According to the company, the incident stemmed from a small group of traders reusing passwords from other websites that had previously experienced data leaks. It emphasized that this was a personal security error caused by the habit of reusing login information, not a vulnerability on the platform’s part.
According to the letter being shared, Topstep will provide a free credit monitoring service to protect the rights of users whose information has been compromised.
Simply put, a DDoS attack floods a server with a massive volume of internet traffic in order to overwhelm it and congest the network. The flood overloads the system’s processing capacity, leading to complete disruption of server or service operations.
Recently, many brokerage and proprietary trading firms have been repeatedly targeted by cyberattacks. Not only Topstep, but also companies like E8 Markets and Founding Pips have been victims of DDoS attacks, demonstrating a growing trend of cybercriminals targeting this financial sector.
Topstep: Popular but surrounded by controversy
Led by Michael Patak, Topstep is currently one of the leading names in futures trading in the US. The platform also plays a crucial role as a strategic technology provider for Plus500, a major CFD brokerage firm listed on the London Stock Exchange.

Topstep is facing intense criticism on social media due to frequent disruptions to its trading platform. Many traders complain about being unable to open or close positions, and some have even lost their entire accounts due to system errors. Notably, the community also accuses the company of a persistent lack of transparency and failure to acknowledge these technical issues, seriously impacting user rights and trust.
Topstep currently operates only the TopstepX platform, which is believed to be a rebranded version of ProjectX, although neither party has officially confirmed this.
Following criticism regarding persistent system errors, CEO Michael Patak directly acknowledged the disruptions. He pledged to the trading community that the company was working to resolve the issues and would fully fix all technical problems by January.