Attackers only accessed and exfiltrated during the last two days of the operation.
Information from nearly 1.7 million credit card holders were compromised when payment gateway provider Slim CD discovered a cyber-attack in mid-June.
According to SC US, attackers were able to infiltrate Slim CD's systems between August 17th 2023, to June 15th 2024, with individuals' credit card details only accessed and exfiltrated during the last two days of the operation, the firm said in a website notice and breach notification letters.
It also said that information potentially impacted by this incident include names, addresses, credit card numbers and card expiration dates.
"Slim CD takes the confidentiality, privacy, and security of information in its possession very seriously," its notice said. "Upon discovery of this incident, Slim CD quickly commenced a thorough investigation and took steps to implement additional safeguards and review our policies and procedures relating to data privacy and security."
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
