sb-as logo
Story image

Dixons Carphone data breach toll rises to 10m customers

01 Aug 2018

In another twist of the knife for Europe technology firm Dixons Carphone, the company has admitted that a major data breach back in 2017 is now much bigger than first thought.

The Dixons Carphone breach made headlines on June 13 2018 when it announced that it had been hit by a data breach that affected an estimated 1.2 million customers. The company has now reviewed that figure and says the breach actually affected 10 million customers.

In a June press release, Dixons Carphone stated that breach attempted to compromise 5.9 million cards in a processing system for Currys PC World and Dixons Travel stores, and it also attempted to compromise 1.2 million records that contained personal data including names, addresses, and email addresses.

But more than a month later as the investigation nears completion, the company admits that approximately 10 million records containing personal data may have been accessed during the 2017 breach.

“While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and there is no evidence that any fraud has resulted. We are continuing to keep the relevant authorities updated,” the company says in a statement.

Dixons Carphone chief executive Alex Baldock says the company is “disappointed” that it has suffered a breach.

“[We’re] very sorry for any distress we’ve caused our customers. I want to assure them that we remain fully committed to making their personal data safe with us.”

Baldock adds that the company has been working round-the-clock to remediate the problems ever since the breach was discovered in the company’s data security review.

“That’s included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we’re updating on today.”

Dixons Carphone is contacting all customers to apologise and provide tips to reduce the risk of fraud.

“As we indicated previously, we have taken action to close off this access and have no evidence it is continuing. We continue to make improvements and investments at pace to our security environment through enhanced controls, monitoring and testing.”

Dixons Carphone provides electrical and mobile products, connectivity, and after-sales services from Team Knowhow.

Dixons Carphone’s primary brands include Currys PC World and Carphone Warehouse in the UK & Ireland, Elkjøp, Elkjøp Phonehouse, Elgiganten, Elgiganten Phone House, Gigantti in the Nordic countries, Kotsovolos in Greece, and Dixons Travel in a number of UK airports as well as Dublin and Oslo. The company’s key service brand is Team Knowhow in the UK, Ireland and the Nordics.

Dixons Carphone shares are trading at GBP176.10 as of July 30.

Story image
ThreatQuotient hits $22.5m in new financing, continues growth streak
“Since we first invested in ThreatQuotient in 2017, their team has continued to prove to the market that there is a critical need for cybersecurity solutions aimed at security operations."More
Story image
FortiGuard appoints former cyber warfare officer
Former RAAF cyber warfare officer Mark Robson has been appointed as senior tactical threat analyst in FortiGuard’s managed detection and response team, FortiResponder.More
Story image
Video: 10 Minute IT Jams - SonicWall VP on the cybersecurity lessons learned from the last 12 months
This is our seventh IT Jam with SonicWall, the cybersecurity company specialising in firewall, network security, cloud security and more.More
Story image
ABB and Nozomi Networks extend collaboration, deliver improved OT security solutions
"With Nozomi Networks solutions added to our cybersecurity portfolio, our customers gain proven network monitoring and threat detection technology."More
Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Story image
Kroll completes Redscan acquisition, expands cyber risk portfolio
With the addition of Redscan and its extended detection and response (XDR) enabled security operations centre (SOC) platform, Kroll expands its Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources.More