PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

MCX Hacked In What Must Be the Worst Timing Ever

By Tim Sloane
October 29, 2014
in Analysts Coverage
0
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

CurrentC, the mobile payment application developed by MCX,has disclosed to pilot users that their email addresses may have been accessedby an unauthorized 3rd party.

From TechCrunch:

“Within the last 36 hours, MCX saysit learned that unauthorized third parties obtained the emailaddresses of some of its CurrentC pilot program participants and otherindividuals who had expressed interest in the app.

The group has now notified its merchantpartners about the incident and is communicating directly with thoseindividuals whose email addresses were involved, a company spokesperson tellsus.”

The articlealso includes the full email CurrentC sent to its users:

“Thank you for your interest in CurrentC. Youare receiving this message because you are either a participant in our pilotprogram or requested information about CurrentC. Within the last 36 hours, welearned that unauthorized third parties obtained the e-mail addresses of someof you. Based on investigations conducted by MCX security personnel, only thesee-mail addresses were involved and no other information.

In an abundance of caution, we wanted to makeyou aware of this incident and urge you not to open links or attachments fromunknown third parties. Also know that neither CurrentC nor Merchant CustomerExchange (MCX) will ever send you emails asking for your financial account,social security number or other personally identifiable information. So if youare ever asked for this information in an email, you can be confident it is notfrom us and you should not respond.

MCX is continuing to investigate thissituation and will provide updates as necessary. We take the security of yourinformation extremely seriously, apologize for any inconvenience and thank youfor your support of CurrentC.”

MCX is stating that just the email addresses were accessed.It would be extremely troubling if participants’ bank routing numbers were alsoreleased. The worst possible scenariowould be if hackers gained access to the customer’s checking account using bankrouting information, because at least credit card data is protected by thebanks with Zero Liability.

The hack will make it even harder for those merchants thatwere contractually forced to refuse Apple Pay by MCX to defend that decision ifthey are unable to prove their own system is more secure than Apple Pay, and ifthat new more secure solution isn’t available on iOS in short order.

The timing of the hack is almost unbelievable, as MCX andsome of its merchants have taken a stand against Apple Pay, disablingacceptance earlier this week. Naturally, we wonder who might be behind thehack. Since CurrentC is still in pilot, the app likely does not have data onmany consumers. The motive could be just to make a statement rather than toreap financial gain. Here are three possible explanations for the intrusion.

  • A loose cannon within Apple, or within one ofits partners, hacked MCX/CurrentC in retaliation for merchants deciding toblock Apple Pay acceptance – this is hopefully not the case.
  • An overly exuberant Apple fan boy, frustrated bysome merchants’ decision to not accept Apple Pay, hacked MCX out of spite.
  • Noticing that the CurrentC app requires users toprovide bank account, driver’s license, and social security info to enroll achecking account, thought the hack would be worthwhile despite only havingcredentials for a few pilot customers.


Overview by Tim Sloane, VP of Payments Innovation for Mercator Advisory Group

Read full story in TechCrunch

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    What Premium Card Overhauls by Chase and Amex Reveal About the Credit Card Market

    What Premium Card Overhauls by Chase and Amex Reveal About the Credit Card Market

    July 7, 2025
    Rewire Acquires Imagen, Looking at Prepaid Cards for Migrant Workers

    Smells Like Team Spirit: What Makes Cobranded Credit Cards Work

    July 3, 2025
    uk banking outages

    New Continuous Strategies for Battling Account Takeovers

    July 2, 2025
    Fraud Monitoring

    What to Expect When Nacha’s Fraud Monitoring Rules Take Effect

    July 1, 2025
    payments

    Don’t Just React to What’s Next in Payments—Anticipate It

    June 30, 2025
    consumer debit

    As Payment Types Proliferate, Debit Cards Still Go Strong

    June 26, 2025
    Embedded Payments

    How Embedded Payments Is Optimizing the Expense Management Process

    June 25, 2025
    small business banks

    How Banks Can Bring Small Businesses Back to the Fold

    June 24, 2025

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2024 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result