CurrentC, a mobile payment solution service which is supposed to take on the newly launched Apple Pay has been hacked. CurrentC which is run by MCX (Merchant Customer Exchange) has support of top US retailers like Walmart, Best Buy, Gap and others. As per the news reports, the hackers managed to compromised CurrentC hackers and steal the email addresses of the testers who had signed up for the solution system. The company, however said, that its CurrentC mobile App has not been affected by this breach.
In a email sent to its users, CurrentC acknowledged that in the last 36 hours, unauthorized third parties (hackers) compromised the CurrentC servers and obtained the email addresses of some of its CurrentC pilot program participants and other individuals who had expressed interest in the App.
MCX, the owner of CurrentC has notified all its merchant partners about the data breach and is in process of communicating directly with those testers whose email ids may have been stolen by the hackers. The preliminary investigations revealed that only emails ids of mobile app Testers who had signed up for CurrentC may have been stolen. There are no reports as of yet to payment data or other personal information taken, like home addresses or phone numbers having been stolen by the hackers.
Below, is the email being shared with these users, in its entirety:
Thank you for your interest in CurrentC. You are receiving this message because you are either a participant in our pilot program or requested information about CurrentC. Within the last 36 hours, we learned that unauthorized third parties obtained the e-mail addresses of some of you. Based on investigations conducted by MCX security personnel, only these e-mail addresses were involved and no other information.
In an abundance of caution, we wanted to make you aware of this incident and urge you not to open links or attachments from unknown third parties. Also know that neither CurrentC nor Merchant Customer Exchange (MCX) will ever send you emails asking for your financial account, social security number or other personally identifiable information. So if you are ever asked for this information in an email, you can be confident it is not from us and you should not respond.
MCX is continuing to investigate this situation and will provide updates as necessary. We take the security of your information extremely seriously, apologize for any inconvenience and thank you for your support of CurrentC.
Touted to take on the newly launched rival Apple Pay in the mobile payment solutions arena, CurrentC is being backed by over 50 top retailers in the United States. MCX, the force behind CurrentC has already developed a mobile App for iOS and Android and are in process of beta testing their own mobile wallet technology.
The retailers are backing CurrentC because they can track the customer preferences which shopping using CurrentC unlike Apple Pay, which wont be sharing the customer data to the retailers. Customer data is very important for the retailers as they often leverage this data to target future buyers.tly, when retailers involved with the initiative shut off NFC in their stores. NFC is the technology that makes Apple Pay and other NFC-based payment solutions, including Google Wallet, work. Customers were trying to use Apple Pay at stores like Rite Aid and CVS, where at first Apple Pay-initiated payments were functioning properly, thanks to the retailers NFC-enabled point-of-sale terminals.
But then those retailers disabled NFC at their registers, ending their unofficial support for Apple Pay. The problem, apparently, stemmed from the fact that retailers’ contracts with MCX states they’re not supposed to accept rival mobile payment products. (Walgreens, an Apple Pay partner, has taken advantage of this situation, telling customers via social media that #ChoiceIsEverything.)
With interesting timing, MCX this morning published a blog post to clear up misconceptions about its technology and its aims as a company. One section in the post discussed the security aspects to CurrentC, saying “the technology choices we’ve made take consumers’ security into account at every aspect of their core functionality.”
After a number of high-profile data breaches in recent months, which have seen consumer data stolen from Target, Home Depot, Nieman Marcus, Staples, P.F. Chang’s, Supervalu, and others, there’s a feeling among consumers that retailers should not be trusted with our sensitive information, including payment card data and other personal details any longer.
Perhaps the CurrentC hackers agree, and decided to make that point by way of this latest hack.