Around 1.7 million people will receive a letter from Florida-based Slim CD, if they haven’t already, after the company detected an intrusion dating back nearly a year.
Slim CD provides payment processing solutions, thus credit card numbers along with their expiry dates are among the data types potentially compromised in the incident.
The cardholder’s name and address may also be affected, meaning potential for financial fraud should that data be sold, although Slim CD says it hasn’t detected any misuse of the data.
[…]
Among the questions we put to the company was why it took so long for the break-in to be detected, and whether it believed there were any failures in its ability to detect such incidents.
A postmortem carried out by the company and third-party experts revealed that the intrusion began on August 17, 2023, but was only discovered “on or about” June 15 this year.
[…]
There was no apology in the letter [PDF] sent to the 1.693 million potentially affected customers, who were instead encouraged to order a free credit report and remain vigilant against any malicious account activity.
Source: 1.7M potentially pwned by payment services provider breach • The Register
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft