Two million customers hit by CeX hack

CeX tells customers to change passwords after being targeted by hackers

It's that time again when we reset the imaginary internet sign to read "zero days without a UK data breach".

CeX has broken our run of good fortune, revealing in an email sent out late last night that nearly two million customers had had their data leaked in a hack attack.

Advertisement - Article continues below

Personal details including first name, surname, address, email address and phone number have been accessed and in some cases, passwords were also lifted. The company explained that these were hashed, but adds that weak passwords could still be broken, and advises customers to change their login details at the earliest opportunity. Though the company stopped short of forcing a password change on everyone, despite some pressure to do so via Twitter:

Credit and debit card information was also lifted from the site, but as CeX stopped taking that information in 2009, the company believes that any cards left on the system have long-since expired. As this is an online security breach, cards used in brick-and-mortar stores were not impacted.

"We take the protection of customer data extremely seriously and have always had a robust security programme in place which we continually reviewed and updated to meet the latest online threats," reads an answer in the data breach FAQ on the CeX website. "Clearly however, additional measures were required to prevent such a sophisticated breach occurring and we have therefore employed a cyber security specialist to review our processes. Together we have implemented additional advanced measures of security to prevent this from happening again."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The good news is that if this is the first you're hearing of a CeX hack, then you're likely unaffected. The company revealed that only impacted accounts were emailed. "If you do not receive an email, your account is not affected," the statement reads.

Photo by A_man_alone / CC BY 2.0

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now
Advertisement

Recommended

Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Visit/business/policy-legislation/356215/senators-propose-a-bill-aimed-at-ending-warrant-proof-encryption
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/policy-legislation/data-protection/356344/eu-institutions-warned-against-purchasing-any-further
data protection

EU institutions told to avoid Microsoft software after licence spat

3 Jul 2020
Visit/mobile/mobile-phones/356335/the-man-has-ruined-my-huawei-p40
Mobile Phones

The Man has ruined my Huawei P40

3 Jul 2020