CurrentC Hacked - is it really more secure?


CurrentC Hacked - is it really more secure?

October 29, 2014 2:42 PM

By: Don Parsons


In a continuing to develop story of CurrentC vs Apple Pay, CurrentC has just taken a blow with it being hacked. Currently, CurrentC is in an early trial program that is being used in certain areas with retailers like Walmart who support CurrentC over Apple Pay.

CurrentC was hacked and within 36hours, they were able to release a statement on the investigation conducted by MCX Security.




Within the last 36 hours, we learned that unauthorized third parties obtained the email addresses of some of you,” CurrentC writes. “Based on investigations conducted by MCX security personnel, only these email addresses were involved and no other information.”
They went on to say that no financial information was taken and that they will never request financial account, social security number or other identifiable information. This is likely to warn people that if they receiving information asking for that from someone seeming like MCX, it is a phising attempt.

The hack happened not long after Walmart stated that security was one of the prime reasons for their decision to refuse to support Apple Pay and support Current C. While that appeared someone fishy at first glance, the inevitable swarm of phising attacks that will occur from this make it look even more ludicrous in hindsight.

While an email hack is about as low on the security totem as it is possible it is still a concern that it has happened so quickly. Especially given that CurrentC is directly connected to the users bank account any type of hacking into it has to be regarded with some alarm as it means they are that much closer to having all of that information, as well as all the tracking info that the CurrentC app stores in name of ‘improving your experience’.



Before the hack, MCX’s CEO Dekkers Davidson highlighted CurrentC’s privacy focus:

Consumers’ privacy and data security are our top priorities. CurrentC will empower consumers and merchants to make informed decisions regarding how information can be shared through our privacy dashboard. Because we have a number of merchants that have pharmacies, MCX may end up interacting with limited information in the course of processing payments such as location and transaction amount. As a result, MCX is bound by law to adhere to strict rules regarding the privacy of consumers’ information. Our compliance with this law is required by HIPAA. CurrentC does not collect any information from any other apps, or health information stored in the mobile device. The CurrentC privacy policy provides extensive details about the application’s information collection, use, sharing and retention practices and we will continue to be transparent about it.
If you want to find out more about the issues with CurrentC and security, we strongly urge that you read TechCrunch’s article on the topic.
Don Parsons
Author: Don Parsons | Senior Writer / Investigative Lead
A longtime lover of speculative fiction, in almost all its forms, Don joined TechRaptor in 2014 on a whim sending in an application as he was looking for somewhere to write. His application accepted… Read More