The company has sent an email to pilot users which reads:
Thank you for your interest in CurrentC. You are receiving this message because you are either a participant in our pilot program or requested information about CurrentC. Within the last 36 hours, we
learned that unauthorized third parties obtained the e-mail addresses of some of you. Based on investigations conducted by MCX security personnel, only these e-mail addresses were involved and no other information.
In an abundance of caution, we wanted to make you aware of this incident and urge you not to open links or attachments from unknown third parties. Also know that neither CurrentC nor Merchant Customer Exchange (MCX) will ever send you emails asking for your financial account, social security number or other personally identifiable information. So if you are ever asked for this information in an email, you can be confident it is not from us and you should not respond.
A PR rep for CurrentC confirmed the email saying:
"Within the last 36 hours, we learned that unauthorized third parties obtained the e-mail addresses of some of our CurrentC pilot program participants and individuals who had expressed interest in the app. Many of these email addresses are dummy accounts used for testing purposes only. The CurrentC app itself was not affected.
We have notified our merchant partners about this incident and directly communicated with each of the individuals whose email addresses were involved. We take the security of our users’ information extremely seriously. MCX is continuing to investigate this situation and will provide updates as necessary."
Ultimately, the hack isn't a major one but it is an embarrassing one as CurrentC has been thrust into the spotlight after retailers began disabling Apple Pay in favor of the mobile payment solution. More details on how CurrentC works here.