Canadian payment gateway provider Slim CD was hit by a cyberattack which has affected almost 1.7 million US and Canadian users.
The company first detected suspicious activity in its system on June 15 2024, however an investigation revealed the system had first been breached on August 17 2023, meaning hackers had access to its network for almost a year.
Slim CD insists that hackers only had access to credit card information for two days of the period, between June 14 and June 15, but the information accessed may include full names, credit card numbers, expiration dates, and customer’s physical address.
No additional protection
As a payment processing service, Slim CD stores credit card information to allow users and businesses to access card payments online.
The company has reassured users it has taken "steps to implement additional safeguards" and review its policies relating to data security and privacy, as well as reporting the incident to federal law enforcement and regulatory authorities.
Slim CD did not offer those affected any free of charge identity theft protection services. Instead, the firm recommended customers to take steps to protect themselves,
“We encourage you to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors.”, the firm said in a statement.
This is the latest in what seems to be a never ending string of data breaches, with threat actors gaining access to millions of people's information through various security breaches in recent times.
There are dedicated identity theft protection services which can help those affected by the ever-present threat of data breaches.
More from TechRadar Pro
- Cisco's merch store targeted by dangerous malware
- Here are our best firewall tools to keep your business protected
- Managing the risks of your biggest vulnerability: identity
