Saturday, 25 November 2017
Latest news
Main » Your UK CEX Account May Have Been Breached - Here's the Important Info

Your UK CEX Account May Have Been Breached - Here's the Important Info

31 August 2017

Second-hand games and electronics retailer CeX has warned that the personal details of up to 2 million customers have been compromised in an "sophisticated" data breach.

The data that was compromised was online-only.

The company, which operates a secondhand marketplace for games and tech products, said it's still investigating the extent of the breach. It also owns a limited number of stores in the US. While personal, identifying information did make it out, CEX has not stored any payment card information from customers since 2009. Last night, CEX contacted customers via email to inform them to change their passwords as their data may have been stolen.

Personal data stolen by hackers include customer names, addresses, email addresses, phone numbers and some credit card information. If you receive an email from the company then you should immediately change your online password and any other account with the same password as a precaution.

Javvad Malik from the security firm Alien Vault told the BBC that it was "surprising" that Cex still stored customer card details "prior to 2009".

Local hero Kirsty Gilmour edged out of World Championships
It was Sindhu's third medal at the World Championships, with a bronze apiece from the 2013 and 2014 editions in her bag. Commenting about her next encounter with Chen, Sindhu said: "She is a good player and she is playing well".

It now appears the data breach only affects those who have made online transactions through the CEX website, and not the data of those who created in-store membership cards.

'One would struggle to think of a legitimate business reason for storing expired card details, ' he said.

In a statement, Cex said it had employed a cyber-security specialist to review its systems, to prevent a "sophisticated breach" from happening again. "Together we have implemented additional advanced measures of security to prevent this from happening again", the company added.

But Cex is urging its customers to change their passwords online, "as well as any other online accounts where you may share the same password as a precautionary measure".

"With GDPR looming, it is essential that companies take a hard look at the data it stores and processes and for what purposes".

Your UK CEX Account May Have Been Breached - Here's the Important Info