SC Magazine: Cash Convertors hit by security breach

November 16, 2017 — Cash Convertors hit by security breach

Robert Capps, authentication strategist and vice president at NuData Security, comments on the news of a data security breach at Pawnbroker chain Cash Converters’ UK operations after receiving email threats of data release.

According to a Reuters’ report, Cash Converters received an email from a third party claiming to have gained unauthorised access to customer data within a Cash Converters’ UK website​.

In a notification email sent to customers, the company said its webshop had been hacked with information taken from a recently decommissioned website. The site was decommissioned in September this year and was hosted by an external third party. The breach only affects those users of the old site.

Among the data breach details compromised were account names, passwords and delivery addresses. Cash Convertors said in its notification email that the customer data breach did not include credit card details.

Robert Capps, authentication strategist and vice president at NuData Security, told SC Media UK that back in 2015, Forever 21 made an effort to secure its clients’ personal data through encryption and token-based authentication methods. This measure has reduced the impact of this potential breach – still under investigation.

“However, this higher-security system was still not implemented in some point of sale (PoS) devices, putting those clients’ information at risk. We are glad to see companies enhancing their security, but they should also be diligent and implement those new technologies across all placements. Forever 21 is the example of what happens when you fail to do so: hackers are attracted to your security gaps like bees to a honeypot,” he said.

For the complete article, go here.