Categories
Finance iOS News security Uncategorized

Hours after citing capable security, CurrentC announces unauthorized access of users’ email accounts

currentc

Hubris, anyone?

Just hours after publishing a blog post answering some questions about its upcoming CurrentC mobile payments system and touting the security of its cloud-based storage of sensitive information, the company behind the effort, Merchant Customer Exchange (MCX) has alerted users of unauthorized access to their email addresses.

Per MacRumors, the company released the following statement:

Thank you for your interest in CurrentC. You are receiving this message because you are either a participant in our pilot program or requested information about CurrentC. Within the last 36 hours, we learned that unauthorized third parties obtained the e-mail addresses of some of you. Based on investigations conducted by MCX security personnel, only these e-mail addresses were involved and no other information.

Details on the unauthorized access have not been disclosed, but reporter Nick Arnott of iMore took some time earlier this week took a look at some of the personal information being collected by MCX and CurrentC and noted that he could ping CurrentC’s systems to look for valid registered email addresses on the system. While he did not find valid addresses, the system appeared capable of returning a substantial amount of personal information about such accounts.


Security has of course been one of the main selling points of Apple’s new Apple Pay system, with data stored in a Secure Element on the device and payments authorized through Touch ID and tokenized account numbers being used instead of actual credit card numbers to process transactions.

Tempt not the fates/hackers with overconfident claims of security, lest they tear through your network like a hot knife through butter and show you just how weak, feeble and behind the times you truly are…

2 replies on “Hours after citing capable security, CurrentC announces unauthorized access of users’ email accounts”

Comments are closed.