Hackers access personal information on old website but credit card details haven’t been exposed, says Cash Converters
Second hand retail chain Cash Converters has admitted it suffered a data breach that may have resulted in personal information being obtained by hackers.
The company said its old website, which was decommissioned in September, was the subject of the attack and that user names, passwords and addresses could have been accessed.
The previous website was operated by a third party and Cash Converters was keen to stress that full credit details had not been stolen and that users of the new website and its in-store customers were not affected.
Cash Converters data breach
“We are taking this extremely seriously and have provided our customers of the old Webshop site with details to help protect them from being impacted by the security breach,” Cash Converters added.
“We are also actively implementing measures to ensure that this cannot happen again.”
Cash Converters is urging customers to monitor their credit file for unusual activity and to immediately notify their bank or card provider if they notice any financial details might have been compromised.
The Information Commissioner’s Office (ICO) has been notified and the incident serves as a warning to all businesses ahead of the introduction of the EU’s General Data Protection Regulation (GDPR) next May.
Data breaches will be subject to much stricter financial penalties while consumers will have more control over what type of data organisations can store about them.