It was reported yesterday that there has been a breach with CurrentC, which is only in pilot and available to a certain amount of users. CurrentC is preparing to take on its competitor Apple Pay with retailers across the United States next year. The company acknowledged that its systems have been breached.
The breach comes at a sensitive time for Merchant Customer Exchange (MCX), which is made up of some of the USA's largest retailers, including Best Buy, Wal-Mart and Walgreens. Earlier this week, CVS and Rite-Aid announced that they would not be accepting ApplePay, which was launched by Apple on October 20th.Commenting on this, Lancope CTO, TK Keanini said: "People are driven by their desire to complete a task. If the task is buying something like holiday gifts, and especially if there is a good deal to be had, I've seen folks do the most insecure behaviours.
Consumers will need to be more diligent about auditing their statements as everyone will need to play a part in securing retailers. If you think it is simply a retail firm's problem, you are wrong. The attacker will pursue any access vector possible, which includes every company in the supply chain all the way down to every customer on the demand side of the market. I’m not letting retailers off the hook here for doing their part. They will learn the easy way or the hard way as attackers will not give up until it is no longer profitable for them to commit this type of cyber crime.
Payment systems like these take time to get right and mistakes will be made along the way. Attackers will innovate and succeed at some point, defenders will remediate and up their countermeasures and around and around the co-evolution we go."