CeX is a popular, international, technology product vendor. Yesterday it announced that 2 million of its customers data had been compromised during a breach. The leaked information includes: first names, surnames, addresses, email addresses, telephone numbers and encrypted payment card data.
“As a precautionary measure, we are contacting up to two million of our registered website customers who could potentially be affected.” - CeX
They have yet to announce the cause of the hack. However, they have mentioned that the breach is currently being investigated by a cyber security specialist. They will be reviewing their cyber security processes in an attempt to locate the source of the problem.
“We take the protection of customer data extremely seriously and have always had a robust security programme in place which we continually reviewed and updated to meet the latest online threats. Clearly however, additional measures were required to prevent such a sophisticated breach occurring.” – CeX
All customers who have been a suspected victim of the breach will have received an email informing them of what’s happened. If you haven’t received an email, then you will not have been affected. However, if you do have an account it might still be a good idea to change your password.
Cex have advised that affected customers change their password for their account, as well as any other online accounts that share the same password. Although they are not stored in plain text, if it is not particularly complex, a third party could still determine the original password.
If companies don’t have the measures in place to fully protect themselves then they are at risk of losing customer data.
What to do if your account has been compromised:
If you’re currently in possession of a CEX account, it is advised that you change your password as soon as possible to be on the safe side.
You should also make sure that none of the contents of your account have been altered and contact CEX for support if something seems a little off.
What can fraudsters do with your personal information?
With the leaked data, the hackers in this case might not have direct access to your financial information. However, they still have your full name, address and telephone number. Once a scammer has your telephone number or address, its possible you will start to receive unsolicited phone calls and letters.
Be sure that when you’re giving out your financial details over the phone or by post that you’re giving it to a legitimate source. They’re designed to con you, so ensure you’re extra diligent going forward.
We have recently been subject to an online security breach. We are taking this extremely seriously and wanted to provide you with details of the situation and how it might affect you. We also wanted to reassure you that we are investigating this as a priority and are taking a number of measures to prevent this from happening again.