Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Apple Pay Competitor CurrentC Hacked

Merchant Customer Exchange (MCX), the developer of the mobile payment system called CurrentC, is notifying some users that their email addresses have been stolen by hackers.

Merchant Customer Exchange (MCX), the developer of the mobile payment system called CurrentC, is notifying some users that their email addresses have been stolen by hackers.

“Within the last 36 hours, we learned that unauthorized third parties obtained the e-mail addresses of some of you. Based on investigations conducted by MCX security personnel, only these e-mail addresses were involved and no other information,” read the emails sent out by the company to affected individuals.

MCX says the breach affects participants in the CurrentC pilot program and those who have expressed interest in the product. The company has advised impacted users to be on the lookout for phishing emails, and avoid clicking on links or attachments contained in suspicious messages.

The company clarified in a blog post published on Wednesday that many of the compromised email addresses are actually dummy accounts used only for testing purposes. The CurrentC app itself is not impacted by the breach, MCX said.

“We have notified our merchant partners about this incident and directly communicated with each of the individuals whose email addresses were involved. We take the security of our users’ information extremely seriously. MCX is continuing to investigate this situation and will provide updates as necessary,” the organization stated.

MCX is a company created by a consortium of major United States retailers to develop CurrentC, a merchant-owned mobile payment system. The company made headlines this week after two of its members, the Rite Aid and CVS pharmacies, decided to block payments made through Google Wallet and Apple’s recently introduced Apple Pay. The retail giant Walmart, one of the top members of the consortium, is also not accepting payments through Apple Pay.

CurrentC will be launched only next year and, until then, the customers of MCX retailers have no alternative to the classic plastic payment cards. MCX clarified in a blog post that “when merchants choose to work with MCX, they choose to do so exclusively.” The company also noted that those who choose to stop their collaboration with MCX will not have to pay any fines.

As far as data security is concerned, MCX explained that it does not store sensitive customer information in the app, but in a secure cloud-hosted network.

Advertisement. Scroll to continue reading.

 

“Removing this sensitive information from the mobile device significantly lowers the risk of it being inappropriately disclosed in a case that the mobile device is hacked, stolen or otherwise compromised,” the company said.

As far as functionality is concerned, CurrentC has been called “clunky“, especially when compared to Apple Pay. Others don’t like the fact that the app requests social security numbers and driver’s license numbers for identity verification purposes when adding a new bank account.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Stephanie Crowe has been appointed head of the Australian Cyber Security Centre (ACSC).

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

Cybersecurity and data protection company Acronis has appointed Gerald Beuchelt as CISO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.