Credit card processing service Slim CD, popular in the U.S. and Canada, has revealed a massive data breach that exposed the personal information of nearly 1.7 million customers. The hack, which went undetected for almost a year, has raised serious concerns about data security in the financial sector.

The Florida-based company, which offers payment gateway services and develops credit card-processing software, discovered suspicious activity in its computer environment on June 15, 2024, according to a customer notification letter dated September 6. The company later determined that unauthorized access to its systems occurred between August 17, 2023, and June 15, 2024.

Slim CD warned that this breach may have allowed hackers to view or obtain sensitive customer data, including names, addresses, credit card numbers, and card expiration dates. A filing with the Maine Attorney General's office estimates that over 1.69 million customers were affected. Despite the scale of the breach, Slim CD has not offered any identity theft protection services to those impacted.

In its notification to customers, Slim CD urged vigilance against potential identity theft and fraud. The company recommended that affected individuals regularly review their account statements, monitor credit reports for suspicious activity, and consider placing a "fraud alert" or "credit freeze" on their credit files to protect against unauthorized transactions.

The Slim CD incident is just the latest in a series of cyber attacks targeting financial institutions. In June, Evolve Bank & Trust, based in Tennessee, suffered a data breach that compromised sensitive information, including customers’ Social Security numbers and bank account details. Earlier in February, Prudential Financial disclosed a breach impacting over 2.55 million customers.

Cybersecurity experts warn that such attacks are becoming increasingly common in the finance industry. A July report by SOCRadar, a computer security firm, found that data breaches and leaks account for 62.52% of cyber threats targeting financial institutions, followed by credit card fraud and unauthorized access sales. The report identified the United States as one of the most frequently targeted countries for these cyber attacks.

A second-quarter analysis by Check Point Research found a 30% increase in global cyber attacks, with the finance and banking sector ranking as the fourth most targeted industry, trailing only retail/wholesale, healthcare, and manufacturing.

As cyber threats escalate, government agencies are taking note. The U.S. Department of Treasury released a report in March highlighting the "capability gap" in managing AI-specific cybersecurity threats between large and small financial institutions. While larger institutions are building their own AI systems to counter threats, smaller firms like Slim CD may lack the resources to do so, leaving them vulnerable to increasingly sophisticated attacks.

With the financial sector under siege, Slim CD’s data breach serves as a stark reminder of the need for robust cybersecurity measures to protect customer information in an age of growing digital threats.