Cash Converters suffered a data breach, its old webshop that was withdrawn on 22 September was hacked and attackers gained unauthorised access to customer data
The High street pawnbroker Cash Converters, which sells small loans and second-hand jewellery, has announced it’s suffered a data breach that could put at risk some of its customers are.
Customers were notified of the data breach this week, on Thursday the firm sent them an email to explain what has happened.
“Along with the relevant authorities we are investigating this as a matter of urgency.” reads a statement from Cash Converters.
“We are also actively implementing measures to ensure that this cannot happen again.”
According to the company, its old online website that was withdrawn on 22 September was hacked and attackers gained unauthorised access to customer data from its UK e-commerce. The current version of the e-commerce platform used by the firm is not affected.
Even if the website was not storing financial data, attackers may have accessed user records, including personal details, passwords, and purchase history from a website that was run by a third party. Cash Converters closed the contract with this third party in September.
If you have had a Cash Converters account online change your password, including on websites and log-ins where the same credentials have been used.
The company has reported the data breach to authorities in the UK and Australia, it is still investigating the incident.
A spokesman for the ICO confirmed it was looking into the reported breach.
“We’re aware of an incident at Cash Converters UK and will be making enquiries,” he said.
Users that receive anything suspicious can report it through Cash Converters or Action Fraud
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.