Canadian payment gateway provider Slim CD was hit by a cyberattack that affected nearly 1.7 million users in the US and Canada.
The company first discovered suspicious activity in its system on June 15, 2024, but investigation revealed that the system had already been compromised on August 17, 2023. This means that hackers had access to the network for almost a year.
Slim CD claims that hackers were able to access credit card information for just two days between June 14 and 15. However, the information obtained may include full names, credit card numbers, expiration dates, and the customer’s physical address.
No extra protection
As a payment processing service, Slim CD stores credit card information so users and businesses can access card payments online.
The company has assured its users that it has “taken steps to implement additional security measures” and has revised its data security and privacy policies. The company has also reported the incident to federal law enforcement and regulatory agencies.
Slim CD did not offer free identity theft protection services to those affected. Instead, the company advised customers to take steps to protect themselves,
“We encourage you to remain vigilant against incidents of identity theft and fraud by monitoring your account statements and checking your free credit reports for suspicious activity and errors,” the company said in a statement.
This is the latest in what appears to be an endless series of data breaches involving malicious actors gain access to millions of people’s information due to various security breaches in recent times.
There are dedicated identity theft protection services who can provide assistance to those dealing with the ubiquitous threat of data breaches.