It was recently disclosed that Slim CD, a payment gateway, suffered a data breach that exposed many, many credit card accounts (nearly 1.7 million) from August 17th, 2023, until June 15th, 2024.
Let’s discuss the situation and how it provides a lesson for your business to take seriously.
What Happened With Slim CD?
Around June 15th, the payment processor identified some suspicious activity in its network and, upon launching a full investigation with the assistance of a third-party specialist, discovered that someone had gained access to their systems sometime between August 17th, 2023, and June 15th, 2024. This access allowed the responsible party to view and potentially collect sensitive information—names, addresses, credit card numbers, and expiration dates—between June 14th and 15th.
To its credit, Slim CD has met its legal obligations, reporting the incident to federal and regulatory authorities and sending emails to those potentially impacted by the breach.
What You Should Do If You’re Contacted As An Affected Party
In the case that Slim CD should contact you (or even if you’re just concerned about the possibility), there are various steps that you should take to help reduce the chance of fraud or identity theft:
- Alert your credit card company and your bank about the chance of fraud. This establishes a precedent that will help eliminate your liability.
- Monitor credit card statements and credit reports for unusual or unauthorized activity. Credit monitoring and card alert services can help with this, and a credit freeze or fraud alert can help prevent it further.
- Update your passwords, just in case. Passwords are commonly stolen in data breaches as a rule, so by changing yours, you make the stolen data that much less useful.
- Request a new card from the credit card company. Many financial institutions will issue a replacement (with new details) for free if your data may have been breached.
- Keep an eye out for phishing attempts and—in this case—be extra careful about any communication from Slim CD or your bank. Many cybercriminals will try to extract even more information using their already existing data.
What Businesses Can Do to Reduce The Chance of Breaches
Of course, it is essential for all businesses, not just payment processors, to keep their data secure. A few methods will prove effective in doing this.
First and foremost, ensure that your security tools and measures are kept up to date, updating your cybersecurity solutions whenever an update is available.
Second, ensure your team members abide by security best practices, particularly regarding their passwords.
Third, ensure your team is trained to spot potential threats and report them to the appropriate resources. This can help eliminate many issues before they manifest.
We Can Help
At Lantek, we don’t stop at providing the businesses of Pennsylvania with comprehensive and proactive IT services. We also want to make sure that they are as protected as possible to help minimize their cybersecurity risks. Give us a call at (610) 683-6883 to learn what we can do to help defend your business.