Published: Wed, June 13, 2018
Finance | By Claude Patterson

Hackers access payment details of 5,900,000 Dixons Carphone customers

Hackers access payment details of 5,900,000 Dixons Carphone customers

Dixons Carphone Plc said a cyberattack affected nearly 6 million payment cards as hackers sought unauthorized access to customers' personal data.

The major data breach involved shoppers at Currys PC World and Dixons Travel but bosses insist there is no sign of any related fraud.

In addition, Dixons Carphone said 1.2 million personal data records were hacked.

"As a precaution we immediately notified the relevant card companies via our payment provider about all these cards so that they could take the appropriate measures to protect customers".

It is contacting all those affected, but sought to assure customers it had no evidence that this had resulted in fraud at this stage.

The retailer added that 5.8 million of the compromised cards are protected by chip and pin number combinations.

"Cybercrime is a continual battle for business today and we are determined to tackle this fast-changing challenge", Chief Executive Officer Alex Baldock said in the statement. "We've taken action to close off this unauthorised access and though we have now no evidence of fraud as a result of these incidents, we are taking this extremely seriously", the CEO said.

The company has launched an investigation into the incident and is said to be engaged with cyber security experts.

"The fact this only came to light now thanks to a review of the company's systems and data and actually occurred in 2017 is also cause for some concern", he said.

The compromised data didn't include PIN codes, CVV numbers, or any other personal or authenticating information that could lead to fraudulent use.

The group said it had informed the Information Commissioner's Office (ICO), the Financial Conduct Authority (FCA) and the police about the incident.

Things haven't been looking too great for Dixons Carphone.

While the breach took place last July, Dixons Carphone only realised that it had occurred in the last week and the notification delay of nearly a year was not a case of the firm covering up the fact, allegedly.

"The NCSC website offers advice to organisations about ensuring their online security is as robust as possible, including guidance on protecting bulk personal data from cyber attack", they added.

Like this: