Cex Security Breach
CeX is one of the biggest online shops for second-hand IT goods where users can purchase everything from computers, monitors and speakers to games, music disks and computer parts. Being an online service/website that is used all over the world, CeX has a big number of customers who have shared some form of personal data when creating an account on the website and while purchasing goods from it. Most personal user data stored on the site includes names, phone numbers, e-mails and even addresses. Recently, it was reported that such data of over two million users of CeX has been stolen after a security breach from an unknown hacker/hackers. It is said that the only customers that have been affected by the data theft were ones who have an account on the website. So far, there is no information regarding the attacker who is behind the security breach. CeX are currently working with the relevant government bodies in order to determine who has issued the attack.
No credit card data stolen
Prior to 2009, Cex was known to also collect and store credit card data from the accounts of its users. However, this practice was revoked back in 2009 which is good news for users who have had their information acquired by the hacker as there will be no relevant credit card information there. However, CeX stated that in some rare instances, encrypted information regarding expired credit/debit cards might have also been stolen during the attack. That said, most credit/debit cards from before 2009 have more than likely expired by now, making any such stolen data outdated.
E-mails send to affected users
CeX has send out e-mails to each user who has had their personal details obtained by the attacker, informing them about the security breach and apologizing for the inconvenience. Individuals who have not been sent a warning e-mail have no reason to worry as their accounts have not been affected according to a statement posted on Cex.
Within the same statement, customers are advised to change their passwords in the site as well as on any other sites where the same password might be used so as to avoid any further data theft. It is worth mentioning that even though most user passwords are said to be intact, there are still instances of passwords having been stolen during the attack. CeX has assured its customers that the security measures will be tightened in order to prevent any more hacker attacks. As stated on the website, despite the “robust security programme”, the attacker has still been able to bypass the protection precautions which is why an updated and improved prevention system will be required as a way to stop future security breaches to the site.