Two million customers hit by CeX hack
CeX tells customers to change passwords after being targeted by hackers
It's that time again when we reset the imaginary internet sign to read "zero days without a UK data breach".
CeX has broken our run of good fortune, revealing in an email sent out late last night that nearly two million customers had had their data leaked in a hack attack.
Personal details including first name, surname, address, email address and phone number have been accessed and in some cases, passwords were also lifted. The company explained that these were hashed, but adds that weak passwords could still be broken, and advises customers to change their login details at the earliest opportunity. Though the company stopped short of forcing a password change on everyone, despite some pressure to do so via Twitter:
Credit and debit card information was also lifted from the site, but as CeX stopped taking that information in 2009, the company believes that any cards left on the system have long-since expired. As this is an online security breach, cards used in brick-and-mortar stores were not impacted.
"We take the protection of customer data extremely seriously and have always had a robust security programme in place which we continually reviewed and updated to meet the latest online threats," reads an answer in the data breach FAQ on the CeX website. "Clearly however, additional measures were required to prevent such a sophisticated breach occurring and we have therefore employed a cyber security specialist to review our processes. Together we have implemented additional advanced measures of security to prevent this from happening again."
The good news is that if this is the first you're hearing of a CeX hack, then you're likely unaffected. The company revealed that only impacted accounts were emailed. "If you do not receive an email, your account is not affected," the statement reads.
Photo by A_man_alone / CC BY 2.0
Navigating the new normal: A fast guide to remote working
A smooth transition will support operations for years to comeDownload now
Putting a spotlight on cyber security
An examination of the current cyber security landscapeDownload now
The economics of infrastructure scalability
Find the most cost-effective and least risky way to scaleDownload now
IT operations overload hinders digital transformation
Clearing the path towards a modernised system of agreementDownload now