Electronics dealer CeX suffers major security breach

Second-hand electronics and video games dealer CeX has suffered a serious security breach, with the data of up to two million customers being stolen from its online store.

The company, privately held by its founder Robert Dudani, operates a nationwide chain of high-street shops buying and selling electronics and video games, as well as an online retail platform.

It said late on Tuesday that the stolen data included the names, addresses, email addresses and phone numbers of many customers.

The data also included old credit card information, but CeX assured it was all for expired credit cards, as it had not held customer credit card data in-house for a number of years.

“A small amount of encrypted data from expired credit and debit cards may have been compromised,” the company said in a statement.

“We would like to make it clear that any payment card information that may have been taken, has long since expired as we stopped storing card data in 2009.”

CeX was advising customers to change their passwords for the website, as well as for any other websites on which they use the same or similar passwords.

“Although your password has not been stored in plain text, if it is not particularly complex then it is possible that in time, a third party could still determine your original password and could attempt to use it across other, unrelated services.”

CeX said it was contacting the up-to-two million customers that may have been affected, and was working with the police and a cyber security expert to to gather details of the attack and work to prevent another from happening.