Wednesday, August 30, 2017

Two million shoppers told to change their passwords after tech retailer is hacked

istock-458548459.jpg

Up to two million online customers of CeX at at risk from attackers - but no information of in-store customers has been compromised.

Image: Getty

The personal details of up to two million customers of technology and video games retailer CeX may have been compromised in a data breach by cyber attackers.

Information including names, addresses, email contact details and phone numbers of CeX customers in the UK who supplied their data in online forms have been accessed in a "sophisticated breach", the company has warned.

While no password data has been compromised, customers are urged to change their online password, as well as the password on any other accounts which use the same password. CeX warns that it's "precautionary measure" so customers can protect themselves further attacks in the event of attackers cracking passwords - especially those which aren't complex.

CeX has also said that in a "small number of instances" encrypted data from credit and debit cards up to 2009 may have been accessed, but that no live payment information has been taken as those cards will have expired and the company no longer stores financial information.

The retailer is contacting all customers who are directly affected by the breach, which only affects the online arm of the company. No in-store personal membership details are thought to have been compromised. CeX has over 350 stores in the UK and over a hundred more overseas.

CeX has yet to detail how exactly attackers managed to gain access to the data, only that the incident occurred "recently".

The retailer said it is is working alongside the police to investigate the incident and has also employed a "cyber security specialist" to review security processes.

"We take the protection of customer data extremely seriously and have always had a robust security programme in place which we continually reviewed and updated to meet the latest online threats," CeX said in a statement.

"Clearly however, additional measures were required to prevent such a sophisticated breach occurring and we have therefore employed a cyber security specialist to review our processes. Together we have implemented additional advanced measures of security to prevent this from happening again," the company added.

READ MORE ON CYBER CRIME



from Latest Topic for ZDNet in... http://ift.tt/2iGMJ1S
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)