UK shop CEX recently suffered an online security breach that may affect up to two million of its customers.
CEX, which deals in secondhand video games as well as other consumer electronics, said an unauthorised third party accessed its computer systems and some customer data was compromised.
The compromised data includes personal information such as first name, surname, addresses, email address and phone number, and “in a small number of instances”, encrypted data from expired credit or debit cards. CEX stressed that it did not have any current card data stored for customers’ accounts as it ceased storing customer card details in 2009.
The breach affects CEX’s registered website customers only. It said there’s no indication in-store personal membership information has been compromised.
As you’d expect, CEX is working with the relevant authorities to work out who’s responsible for the hack and said it’s put in additional measures to fix the problem. In an email to affected customers, CEX managing director David Mullins apologised for the breach and the inconvenience.
In the meantime, if you have an online account with CEX you should change your password. If you use the same password elsewhere, you should change that, too. There’s more over on CEX’s website.