Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

CurrentC Alerts Users of Unauthorized Access to Email Addresses

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
68,200
38,989



Just hours after publishing a blog post answering some questions about its upcoming CurrentC mobile payments system and touting the security of its cloud-based storage of sensitive information, the company behind the effort, Merchant Customer Exchange (MCX) has alerted users of unauthorized access to their email addresses.
Thank you for your interest in CurrentC. You are receiving this message because you are either a participant in our pilot program or requested information about CurrentC. Within the last 36 hours, we learned that unauthorized third parties obtained the e-mail addresses of some of you. Based on investigations conducted by MCX security personnel, only these e-mail addresses were involved and no other information.
Click to expand...
mcx_currentc_email_breach.jpg
Details on the unauthorized access have not been disclosed, but iMore's Nick Arnott earlier this week took a look at some of the personal information being collected by MCX and CurrentC and noted that he could ping CurrentC's systems to look for valid registered email addresses on the system. While he did not find valid addresses, the system appeared capable of returning a substantial amount of personal information about such accounts.

Security has of course been one of the main selling points of Apple's new Apple Pay system, with data stored in a Secure Element on the device and payments authorized through Touch ID and tokenized account numbers being used instead of actual credit card numbers to process transactions.

Article Link: CurrentC Alerts Users of Unauthorized Access to Email Addresses
 
Article Link
https://www.macrumors.com/2014/10/29/currentc-email-breach/
Lmfao!!!!!! This is too good.

I feel like I'm watching a soup opera unfold.


Dun, dun, dun....what will happen next!? :eek:
 
Last edited:
As if anyone was expecting these companies to take customer data security seriously...

Queue Nelson Muntz...
 
Lolz. Yeah. A merchant-controlled cloud service is more secure than an encrypted secure enclave in my palm. This is stupid.
 
There is no way I'd ever use CurrentC with a direct link to my checking account. At least with a CC you have some protection against fraud, but if your checking account gets drained you are truly hosed.
 
Let's see how fast merchants drop this. And, they expect you to give them your SSN, checking account number, and drivers license number?!
 
Mess with Apple Pay users and you will have a bunch of "Consumers" upset, mess with Google Wallet and you're starting to piss off the programmers and the majority of "hackers". This just had bad written all over it. Unfortunaetly for retailers it looks like they are actually locked into a contract with CurrenC and were forced to close down their NFC terminals.
It would be nice to see the Android and iOS "Hackers" do something together for once and expose all the flaws in this companies system. You don't need to release all the private information to the world, but just release it to all the news sites and major media.
 
Last edited:
Am I bad for wanting hackers to hack the hell out of this crap app?!

Maybe this service will go still born and everyone can start accepting Apple Pay and Google Wallet payments again.
 
Honest question. Do you think that Tim Cook heard about this before it hit the news? His comment on a "major event" regarding privacy was quite sybilline...
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back