Security Affairs
FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M individuals

Payment gateway provider Slim CD disclosed a data breach, credit card and personal data of almost 1.7 million individuals were compromised. The electronic payment gateway Slim CD disclosed a data breach following a cyberattack. Personal data and credit card details of 1,693,000 individuals were compromised. Slim CD’s gateway system allows merchants to accept any kind […]

Slim CD

Payment gateway provider Slim CD disclosed a data breach, credit card and personal data of almost 1.7 million individuals were compromised.

The electronic payment gateway Slim CD disclosed a data breach following a cyberattack. Personal data and credit card details of 1,693,000 individuals were compromised.

Slim CD’s gateway system allows merchants to accept any kind of electronic payment with a single piece of software. The company processes payments for merchants in the US and Canada.

According to the data breach notification sent to the impacted individuals, threat actors had access to its systems between August 17, 2023, and June 15, 2024.

The company notified federal law enforcement regarding the event and launched an investigation into the incident with the help of a third-party specialist.

“On or about June 15, 2024, Slim CD became aware of suspicious activity in its computer environment. Upon learning of the activity, Slim CD launched an investigation to determine the full nature and scope of the activity.” reads the data breach notification. The investigation identified unauthorized system access between August 17, 2023, and June 15, 2024. That access may have enabled an unauthorized actor to view or obtain certain credit card information between June 14, 2024, and June 15, 2024. Slim CD subsequently conducted a comprehensive review of the accessible credit card information to identify the potentially affected cardholders, and this review recently concluded.”

The data breach potentially compromised names, addresses, credit card numbers, and card expiration dates.

The investigation revealed that the threat actors had access to credit card information only between June 14th and 15th. Card verification numbers (CVV) were not exposed, however, threat actors can obtain them from cardholders through social engineering attacks.

Impacted individuals are recommended to remain vigilant for fraudulent attempts and report any suspicious activity to the card issuer.

“Additionally, Slim CD is providing impacted individuals with guidance on how to better protect against identity theft and fraud, including advising individuals to report any suspected incidents of identity theft or fraud to their credit card company and/or bank.” concludes the notification. “Slim CD is providing individuals with information on how to place a fraud alert and security freeze on one’s credit file, the contact details for the national consumer reporting agencies, information on how to obtain a free credit report, a reminder to remain vigilant for incidents of fraud and identity theft by reviewing account statements and monitoring free credit reports, and encouragement to contact the Federal Trade Commission, their state Attorney General, and law enforcement to report attempted or actual identity theft and fraud.”

The electronic payment gateway did not offer identity theft protection services to the impacted individuals.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)