What we know: The intention was to take control of customers' accounts to gain access to the services.
What remained secure? Personal Information such as name of customer and financial information.
Recommendation: We recommend changing passwords on your account to add additional layers of security. We had found a flaw in the system, and this has since been patched.
How many accounts were affected? 2 user accounts. They have since been contacted and this has been resolved.