CurrentC is the most unpopular mobile payment system and it hasn’t even launched yet. The Apple Pay and Google Wallet competitor may be backed by a powerful coalition of retailers called the MCX (Merchant Customer Exchange), which includes Walmart, Best Buy, Gap, and others, but that didn’t prevent it from being hacked.
MCX sent an email to users of the CurrentC pilot program, stating that its systems have been hacked. In the past 36 hours, an unauthorized party stole the email addresses of several participants and other people who expressed interest in CurrentC. It’s unclear if other information, including payment data, home addresses, or personal phone numbers was also stolen during the hack.
However, based on MCX’s findings, it sounds like most of the app’s testers were not affected by the breach. Only the emails of the earliest testers were stolen and many of those email accounts were dummies setup to test the service before unleashing it on real beta users. MCX assured its users that it is looking into the hack and has communicated directly with all the users who were affected by the hack.
Meanwhile, Google Wallet and Apple Pay users openly attacked CurrentC in editorials, on social media, and in reviews of the app on the Goole Play Store and the iOS App Store. It hasn’t launched yet, but CurrentC already has thousands of negative reviews and a very bad reputation. NFC tap-to-pay fans deem its QR code scanning system unintuitive and others have accused it of being unsafe.
After this recent hack, CurrentC may never recover. Looks like that NFC payment ban at CVS, RiteAid, and other stores might be short-lived.
Here is the full email:
A MESSAGE TO OUR CUSTOMERS
Thank you for your interest in CurrentC. You are receiving this message because you are either a participant in our pilot program or requested information about CurrentC. Within the last 36 hours, we learned that unauthorized third parties obtained the e-mail addresses of some of you. Based on investigations conducted by MCX security personnel, only these e-mail addresses were involved and no other information.
In an abundance of caution, we wanted to make you aware of this incident and urge you not to open links or attachments from unknown third parties. Also know that neither CurrentC nor Merchant Customer Exchange (MCX) will ever send you emails asking for your financial account, social security number or other personally identifiable information. So if you are ever asked for this information in an email, you can be confident it is not from us and you should not respond.
MCX is continuing to investigate this situation and will provide updates as necessary. We take the security of your information extremely seriously, apologize for any inconvenience and thank you for your support of CurrentC.