SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image

Dixons Carphone data breach toll rises to 10m customers

Wed, 1st Aug 2018
FYI, this story is more than a year old

In another twist of the knife for Europe technology firm Dixons Carphone, the company has admitted that a major data breach back in 2017 is now much bigger than first thought.

The Dixons Carphone breach made headlines on June 13 2018 when it announced that it had been hit by a data breach that affected an estimated 1.2 million customers. The company has now reviewed that figure and says the breach actually affected 10 million customers.

In a June press release, Dixons Carphone stated that breach attempted to compromise 5.9 million cards in a processing system for Currys PC World and Dixons Travel stores, and it also attempted to compromise 1.2 million records that contained personal data including names, addresses, and email addresses.

But more than a month later as the investigation nears completion, the company admits that approximately 10 million records containing personal data may have been accessed during the 2017 breach.

"While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and there is no evidence that any fraud has resulted. We are continuing to keep the relevant authorities updated," the company says in a statement.

Dixons Carphone chief executive Alex Baldock says the company is "disappointed" that it has suffered a breach.

"[We're] very sorry for any distress we've caused our customers. I want to assure them that we remain fully committed to making their personal data safe with us.

Baldock adds that the company has been working round-the-clock to remediate the problems ever since the breach was discovered in the company's data security review.

"That's included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we're updating on today.

Dixons Carphone is contacting all customers to apologise and provide tips to reduce the risk of fraud.

"As we indicated previously, we have taken action to close off this access and have no evidence it is continuing. We continue to make improvements and investments at pace to our security environment through enhanced controls, monitoring and testing.

Dixons Carphone provides electrical and mobile products, connectivity, and after-sales services from Team Knowhow.

Dixons Carphone's primary brands include Currys PC World and Carphone Warehouse in the UK - Ireland, Elkjøp, Elkjøp Phonehouse, Elgiganten, Elgiganten Phone House, Gigantti in the Nordic countries, Kotsovolos in Greece, and Dixons Travel in a number of UK airports as well as Dublin and Oslo. The company's key service brand is Team Knowhow in the UK, Ireland and the Nordics.

Dixons Carphone shares are trading at GBP176.10 as of July 30.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X