Dixons Carphone has admitted a huge information breach related to 5.9 million fee playing cards and 1.2 million personal knowledge information.
It is investigating the hacking try, which started in July ultimate year.
Dixons Carphone mentioned it had no proof that any of the cards have been used fraudulently following the breach.
There was “an try to compromise” 5.8 million credit score and debit cards but only ONE ZERO FIVE,000 playing cards with out chip-and-pin coverage had been leaked, it stated.
The hackers had tried to gain get admission to to at least one of the processing methods of Currys PC Global and Dixons Shuttle stores, the firm said.
Symbol copyright PA
Research: BBC technology correspondent Rory Cellan-Jones
On the face of it, this is an excessively severe incident.
Regularly while firms document a knowledge breach, they’re very fast to reassure us that even as names, e-mail addresses and login could have been accessed, no payment knowledge has been launched.
that is no longer the case right here, with Dixons admitting that hackers got access to information of nearly six million fee cards.
the nice news is that almost all of them have been secure through excellent old chip and pin – and there’s no proof of any fraud relating to the 100,000 non-European cards which didn’t have that coverage.
However there are nonetheless questions for Dixons Carphone to reply to.
Why has a hack that it seems that took place just about a yr in the past most effective been revealed now?
And is there any connection to a prior knowledge breach at Carphone in 2015?
Dixons insists that it most effective found out this recent hack every week ago and it has no connection with any earlier incident.
however the UNITED KINGDOM Information Commissioner’s Office (ICO), which fined Carphone Warehouse £FOUR HUNDRED,000 for the 2015 breach, will now be having a look very carefully at this recent failing of the merged corporations.
Thankfully for Dixons, the incident came about earlier than the brand new GDPR rules, which promise so much bigger fines, came into force.
The 1.2 million non-public information records accessed through the hackers consisted of non-monetary data corresponding to names, addresses and e-mail addresses.
Carphone Warehouse mentioned it had no proof that the information had left its systems or led to any fraud, but it surely was once contacting those affected to propose them.
It brought that it had introduced in leading cyber-mavens and brought further security measures to its systems.
Dixons Carphone chief govt Alex Baldock mentioned it was “extraordinarily disappointed” by way of the data breach and “sorry for any disenchanted”,
“the security of our knowledge has to be on the middle of our industry, and we now have fallen short right here.
“We’ve Got taken action to close off this unauthorised get admission to and though we have recently no evidence of fraud as a results of these incidents, we’re taking this extraordinarily critically,” he delivered.
Tough challenges
Bryan Glick, editor in chief of Laptop Weekly, advised the BBC that the breach was “right up there” as one in all the largest to date concerning a UK company.
However, he suggested in opposition to any panic. “If you have not heard from Dixons Carphone to provide you with a warning, the possibilities are you might be OK,” he stated.
Carphone Warehouse is one in every of many Top Street shops feeling the tension of tough financial challenges.
Last month, it warned of a pointy fall in earnings this yr and said it could close 92 of its more than 700 Carphone Warehouse stores.