Cash Converters hit by UK data breach ransom demand
It’s been relatively quiet on the data breach front lately, but that might be about to change. High street money lender and pawnbroker Cash Converters may be about to break that lucky streak: it’s been threatened with a leak of British customer data, if it doesn’t pay a ransom demand.
The data in question is likely to include personal details, passwords and purchase history. It’s possible that masked credit card information has also been accessed.
The leak is said to have occurred from the company’s old website, which stopped being used on 22 September this year. Anyone who used the site before that point is potentially at risk, through Cash Converters has declined to say how many customers could be impacted by the breach.
“We are taking this extremely seriously and have provided our customers of the old Webshop site with details to help protect them from being impacted by the security breach,” the company wrote in a statement. “Customers should be aware that full credit card details were not obtained as part of the security breach”
“Along with the relevant authorities we are investigating this as a matter of urgency. We are also actively implementing measures to ensure that this cannot happen again,” the company added.
Whether the data is leaked or this ends up being a hoax, it would be a sensible precaution to change your password if you used a common login on the Cash Converters website at any point. Better still, consider getting a password manager once and for all. I finally got around to doing this last year, and a quick 30 minutes of admin was definitely worth the peace of mind I’ve had since.
Remember, you can see a snapshot of the breaches your details have been leaked in by checking out haveibeenpwned – a website dedicated to tracking data slips.