Home / Tag Archives: dixons

Tag Archives: dixons

Dixons Carphone now says ~8.8M more customers affected by 2017 breach

A Dixons Carphone  data breach that was disclosed earlier this summer  was worse than initially reported. The company is now saying that personal data of 10 million customers could also have been accessed when its systems were hacked. The European electronics and telecoms retailer believes its systems were accessed by unknown and unauthorized person/s in 2017, although it only disclosed the breach in June , after discovering it during a review of its security systems. Last month it said 5.9M payment cards and 1.2M customer records had been accessed. But with its investigation into the breach “nearing completion”, it now says approximately 10M records containing personal data (but no financial information) may have been accessed last year — in addition to the 5.9M compromised payment cards it disclosed last month. “While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and there is no evidence that any fraud has resulted. We are continuing to keep the relevant authorities updated,” the company said in a statement. In terms of what personal data the 10M records contained, a Dixons Carphone spokeswoman told us: “This continues to relate to personal data, and the types of data that may have been accessed are, for example, name, address or email address.” The company says it’s taking the precaution of contacting all its customers — to apologize and advise them of “protective steps to minimize the risk of fraud”. It adds it has no evidence that the unauthorized access is continuing, having taken steps to secure its systems when the breach was discovered last month, saying: “We continue to make improvements and investments at pace to our security environment through enhanced controls, monitoring and testing.” Commenting in a statement, Dixons Carphone CEO, Alex Baldock, added: “Since our data security review uncovered last year’s breach, we’ve been working around the clock to put it right. That’s included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we’re updating on today. “Again, we’re disappointed in having fallen short here, and very sorry for any distress we’ve caused our customers. I want to assure them that we remain fully committed to making their personal data safe with us.” Back in 2015, Carphone Warehouse, a mobile division of Dixons Carphone, also suffered a hack which affected around 3M people. And in January the company was  fined £400k by the ICO as a consequence of that earlier breach. Since then new European Union regulations ( GDPR ) have come into force which greatly raise the maximum penalties which regulators can impose for serious data breaches

Read More »

Dixons Carphone says millions more customers affected by 2017 breach

A Dixons Carphone  data breach that was disclosed earlier this summer  was worse than initially reported. The company is now saying that personal data of 10 million customers could also have been accessed when its systems were hacked. The European electronics and telecoms retailer believes its systems were accessed by unknown and unauthorized person/s in 2017, although it only disclosed the breach in June , after discovering it during a review of its security systems. Last month it said 5.9M payment cards and 1.2M customer records had been accessed. But with its investigation into the breach “nearing completion”, it now says approximately 10M records containing personal data (but no financial information) may have been accessed last year — in addition to the 5.9M compromised payment cards it disclosed last month. “While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and there is no evidence that any fraud has resulted. We are continuing to keep the relevant authorities updated,” the company said in a statement. In terms of what personal data the 10M records contained, a Dixons Carphone spokeswoman told us: “This continues to relate to personal data, and the types of data that may have been accessed are, for example, name, address or email address.” The company says it’s taking the precaution of contacting all its customers — to apologize and advise them of “protective steps to minimize the risk of fraud”. It adds it has no evidence that the unauthorized access is continuing, having taken steps to secure its systems when the breach was discovered last month, saying: “We continue to make improvements and investments at pace to our security environment through enhanced controls, monitoring and testing.” Commenting in a statement, Dixons Carphone CEO, Alex Baldock, added: “Since our data security review uncovered last year’s breach, we’ve been working around the clock to put it right. That’s included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we’re updating on today. “Again, we’re disappointed in having fallen short here, and very sorry for any distress we’ve caused our customers. I want to assure them that we remain fully committed to making their personal data safe with us.” Back in 2015, Carphone Warehouse, a mobile division of Dixons Carphone, also suffered a hack which affected around 3M people

Read More »

Dixons Carphone discloses data breach affecting 5.9M payment cards, 105k of which were compromised

European electronics and telecoms retailer Dixons Carphone has revealed a hack of its systems in which the intruder/s attempted to compromise 5.9 million payment cards. In a statement  put out today it says a review of its systems and data unearthed the data breach. It also confirms it has informed the UK’s data watchdog the ICO, financial conduct regulator the FCA, and the police. According to the company, the vast majority of the cards (5.8M) were protected by chip-and-PIN technology — and it says the data accessed in respect of these cards contains “neither pin codes, card verification values (CVV) nor any authentication data enabling cardholder identification or a purchase to be made”. However around 105,000 of the accessed cards were non-EU issued, and lacked chip-and-PIN, and it says those cards have been compromised. “As a precaution we immediately notified the relevant card companies via our payment provider about all these cards so that they could take the appropriate measures to protect customers. We have no evidence of any fraud on these cards as a result of this incident,” it writes. In addition to payment cards, the intruders also accessed 1.2M records containing non-financial personal data — such as name, address or email address. “We have no evidence that this information has left our systems or has resulted in any fraud at this stage. We are contacting those whose non-financial personal data was accessed to inform them, to apologise, and to give them advice on any protective steps they should take,” the company adds. In a statement about the breach, Dixons Carphone chief executive, Alex Baldock, said: “We are extremely disappointed and sorry for any upset this may cause. The protection of our data has to be at the heart of our business, and we’ve fallen short here. We’ve taken action to close off this unauthorised access and though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously. “We are determined to put this right and are taking steps to do so; we promptly launched an investigation, engaged leading cyber security experts, added extra security measures to our systems and will be communicating directly with those affected

Read More »