Fee gateway supplier Slim CD has disclosed an information breach that compromised bank card and private knowledge belonging to nearly 1.7 million people.
Within the notification despatched to impacted shoppers, the corporate says that hackers had entry to its community for practically a 12 months, between August 2023 and June 2024.
Slim CD is a supplier of cost processing options that allows companies to entry digital and card funds by way of web-based terminals, cell, or desktop apps.
The agency first detected suspicious exercise on its methods this 12 months on June 15. Throughout the investigation, the corporate found that hackers had gained entry to its community since August 17, 2023.
“The investigation identified unauthorized system access between August 17, 2023, and June 15, 2024,” reads the notification to impacted people.
Nonetheless, Slim CD says that the menace actor considered or obtained entry to bank card info this 12 months for 2 days, between June 14th and fifteenth
“That entry could have enabled an unauthorized actor to view or receive sure bank card info between June 14, 2024, and June 15, 2024,” Slim CD says within the knowledge breach notification.
The sorts of knowledge which will have been accessed by the unauthorized half embody:
- Full identify
- Bodily tackle
- Bank card quantity
- Fee card expiration date
Although the uncovered info is just not sufficient to permit cybercriminals to carry out fraudulent transactions, for the reason that card verification quantity (CVV) is lacking, a danger of bank card fraud nonetheless exists.
Slim CD says it has taken measures to strengthen its safety to forestall related incidents sooner or later.
On the identical time, it advises the discover recipients to stay vigilant for indicators of fraud and identification fraud makes an attempt and report suspicious exercise to the cardboard issuer as quickly as doable.
No free-of-charge identification theft safety companies had been provided to the affected people.
Slim CD affords cost processing companies to numerous industries, together with retail, hospitality, and eating places, however people receiving the breach notifications are seemingly unfamiliar with it as they by no means instantly interacted with the corporate.
