The used gadget and video games high street retailer CEX has experienced a data breach affecting over 2 million customers.
According to CEX, the data breach was a result of a sophisticated “online security breach” and in-store terminals were not affected. It is understood that an “unauthorised third party” has accessed online account holder data, but CEX has stressed that in-store data has not been affected.
The leaked data includes the names, addresses, email, phone numbers and some old credit card information of over 2 million CEX customers. It is understood the compromised credit card information was encrypted, but since CEX stopped storing credit card information in 2009, these customer banking details are likely to have expired, making them useless to criminals. Concern has since been shared as to why CEX was storing customer card details prior to 2009.