Industry News

CeX data breach leaked data of 2 million customers

UK-based second-hand gaming reseller CeX confirmed they suffered an online security breach that led to the theft two million registered website customers’ personal data, including full names, addresses, email addresses and phone numbers.

“In a small number of instances, it may include encrypted data from expired credit and debit cards up to 2009. No further financial information has been shared,” the company said.

Although financial information was leaked, it was from before 2009 when CeX stopped storing debit and credit card information.

“A small amount of encrypted data from expired credit and debit cards may have been compromised,” reads the release. “We would like to make it clear that any payment card information that may have been taken, has long since expired as we stopped storing financial data in 2009.”

The company assured their customers that they are taking the matter “extremely seriously” and they are “are investigating this as a priority and are taking a number of measures to prevent this from happening again.”

All affected users will receive an informative email. Just in case, account holders for should be immediately updated because “although your password has not been stored in plain text, if it is not particularly complex then it is possible that in time, a third party could still determine your original password and could attempt to use it across other, unrelated services.”

About the author


From a young age, Luana knew she wanted to become a writer. After having addressed topics such as NFC, startups, and tech innovation, she has now shifted focus to internet security, with a keen interest in smart homes and IoT threats. Luana is a supporter of women in tech and has a passion for entrepreneurship, technology, and startup culture.