Hackers have stolen the personal data of up two million customers of the second-hand electronics retailer Cex due to an "online security breach".
The company says personal information such as first names, surnames, email addresses, home addresses and telephone numbers were leaked in the hack, as well as software-protected information of expired credit and debit cards "up to 2009."
Javvad Malik from the security firm Alien Vault told the BBC that it was "surprising" that Cex still stored customer card details "prior to 2009".
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
He added: "One would struggle to think of a legitimate business reason for storing expired card details."
But Cex says it stopped storing card data in 2009 and that any bank details stolen by hackers have "long since expired".
Customer data for the retailer's online shop, such as account usernames and passwords, are not believed to have been compromised in the attack, reports ZDnet.
But Cex is urging its customers to change their passwords online, "as well as any other online accounts where you may share the same password as a precautionary measure."
The second-hand retailer adds: "We take the protection of customer data extremely seriously and have always had a robust security programme in place which we continually reviewed and updated to meet the latest online threats."
The company says that it's working with the police and other "relevant authorities" to identify how the hackers bypassed its security systems.
Cex has emailed customers affected by the hack, but says it cannot share specific details of the security breach while the firm is under investigation.
Continue reading for free
We hope you're enjoying The Week's refreshingly open-minded journalism.
Subscribed to The Week? Register your account with the same email as your subscription.
-
How cybercriminals are hacking into the heart of the US economySpeed Read Ransomware attacks have become a global epidemic, with more than $18.6bn paid in ransoms in 2020
-
Language-learning apps speak the right lingo for UK subscribers
Speed Read Locked-down Brits turn to online lessons as a new hobby and way to upskill
-
Brexit-hobbled Britain ‘still tech powerhouse of Europe’
Speed Read New research shows that UK start-ups have won more funding than France and Germany combined over past year
-
Playing Cupid during Covid: Tinder reveals Britain’s top chat-up lines of the year
Speed Read Prince Harry, Meghan Markle and Dominic Cummings among most talked-about celebs on the dating app
-
