Game Trading Retailer CEX Suffers Data Breach Potentially Exposing 2 Million Customer’s Data

Media Division | August 29, 2017

Various types of data breaches have occurred over the years, and they will not be stopping anytime soon. Cyber attackers hit all different types of organizations in attempts to purloin their data and use it for malicious purposes. They can target financial data and use it for fraudulent purchases, personal data for identity theft, or even organizational data so that they can ransom it back to the owners. In addition, they may not even use this stolen data themselves, but rather sell it on the black market for others to use. Whatever the case, any sort of data breach can be extremely detrimental to an organization. In yet another breach, the game trading retailer CEX was hacked, and massive amounts of customer information were potentially exposed.

What CEX Has Said About the Breach

There does not seem to be much data as far as when the breach occurred or when it was discovered. CEX has put up a FAQ that answers most questions in regard to the breach, and it states that an unauthorized third party had accessed customer data. According to the retailer, 2 million people potentially had their data compromised, and they are contacting them all out of precaution. Possibly compromised data included details like customer names, physical addresses, email addresses, and phone number if these had been provided. In some cases, the details may also include encrypted credit card information, but these details are from 2009, so all the cards are likely expired by now. It appears that the breach only affected online members, as there was no indication that in-store personal membership had been compromised. CEX said that they are currently working with authorities in an ongoing investigation of the incident. They recommend that users change their online account password, as well as any other accounts that have the same password. In response to the breach, they had employed a cyber security specialist to review their systems and have since implemented advanced security methods to better defend from threats in the future. Customers that do not receive an email about the incident do not have to worry, as their accounts were not affected.

It seems that CEX is handling the breach quite well, being that they are notifying customers, working to mitigate the damages, and improving overall security for the future. With how large of an industry gaming has become, these types of organizations can be pretty valuable targets for cyber attackers. In fact, there was even another incident not too long ago where online Gamestop accounts were breached and credit card data had been stolen.

The Need for Improved Cyber Security

Cyber security needs to be a much larger focus for many types of organizations out there. Even the most minute slip up or vulnerability can allow hackers to gain access and steal massive amounts of data. CEX said that they had a large focus on cyber security and had constantly upgraded and reviewed their systems to stay up to date, and yet they still suffered a breach. We may not know how this exactly occurred yet, but it could have been something extremely simple. Although, they were at least attempting to do the correct thing by working to keep their security up to date. This is a very important point, as many organizations implement some type of security and then barely ever review it again. Many organizations hold far too much customer data for them to be lackadaisical about security. Massive Alliance has numerous tools and services that can help bolster the cyber security of any type or size of an organization.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.