22 June, 2018 : Dixons Carphone admits data breach. Dixons Carphone has admitted that a colossal data breach ocurred during a hacking attempt in July last year. The company is investigating the incident, which involves 5.9 million payment cards and 1.2 million personal data records. Dixons Carphone said it had no evidence that any of the payment cards had been fraudulently used following the breach. A spokesperson from the firm commented:
The hackers had tried to gain access to one of the processing systems of Currys PC World and Dixons Travel stores.
There was “an attempt to compromise” 5.8 million credit and debit cards but only 105,000 cards without chip-and-pin protection had been leaked, the firm said. A spokesperson for the National Cyber Security Centre said it was “working with Dixons Carphone and other agencies to understand how this data breach has affected people in the UK and advise on mitigation measures”. In an interview with the BBC Bryan Glick, editor in chief of Computer Weekly said that the data breach was “right up there” as one of the biggest to date involving a UK company. However, he cautioned against any panic. “If you’ve not heard from Dixons Carphone to warn you, the chances are you’re OK,” he said.
The 1.2 million personal records which were accessed by the hackers contained non-financial data such as names, addresses and email addresses. Carphone Warehouse said it found no evidence that any data had left its systems, or was subject to any fraud. However, the firm was contacting individuals affected by the breach to advise them. It added that leading cyber-experts had been brought in to assist with extra security measures. Alex Baldock, Dixons Carphone chief executive said the company was “extremely disappointed” by the data breach and “sorry for any upset”…
The protection of our data has to be at the heart of our business, and we’ve fallen short here. We’ve taken action to close off this unauthorised access and though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously.
Editor’s comment: When a large corportation like Dixons Carphone admits data breach issues such as described in this news story, it is a stark reminder that no organisation can ever be 100% safe from a cyber attack. A breach involving customers’ personal data can result not only in sunstantial fines, but serious potential damage to a company’s reputation and brand. More Data Breach stories