Technology, Top News

Cash Converters has old site converted into cash cow for hackers

It’s the yellow beacon of skintness….

ELECTRONIC SWAP SHOP and less-good-spelling of pawn shop Cash Converters International has been hit by a data breach affecting its UK customers.

The Australian chain is said to be having its data held to ransom, following a letter that was sent to affected customers of a decommissioned version of its website. A new version replaced it in September.

The breach is being followed up at both the Australian and UK ends of the business, and the police are involved. The company has also reported it to the Information Commissioner.

The company believes that usernames, passwords and addresses of online buyers from the old site may be affected.

“Our customers truly are at the heart of everything we do, and we are disappointed that they may have been affected,” said the company.

“We apologise for this situation and are taking immediate action to address it.”

This doesn’t appear to include making the information available on its new website, which doesn’t mention it at all.

Talking about the breach, Javvad Malik, security advocate at AlienVault said: “The attack highlights the importance of having threat detection capabilities that can alert to breaches in a reliable and timely manner. There isn’t much information available at the moment, but this is a rather different threat that rather than relying on ransomware; the attacker claims to have the data.

“The problem with this scenario is that without having reliable logs, the victim doesn’t know if the criminals actually have the data they are claiming to possess – or indeed if they will stick to their word and not release it in the event of receiving payment.

The hackers have said that they will release the data into the public domain if they do not receive a payment, however given that no credit card details are stored on either the old site, nor the new one, the most information that will hit the public domain is whether Mrs Jenkins of Tring bought a second hand Wii Fit console in 2015 – hardly earth-shattering stuff. µ

Source : Inquirer

Previous ArticleNext Article
Founder and Editor-in-Chief of 'Professional Hackers India'. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.

Send this to a friend