Dixons Carphone under investigation after data breach
5.9 million Dixons Carphone customers have had their payment cards breached, and a further 1.2 million personal data records accessed in almost a year-long attack.
The electronics retailer revealed that hackers had gained access to the Currys PC World and Dixon Travel systems beginning last July, and the breach had only been patched recently. Of the cards affected in the hack, the majority were protected by chip and pin, however approximately 100,000 were older or non-European cards with no such protection.
The National Cyber Security Centre is working with the retailer in cleanup and review measures.
“Anyone concerned about fraud or lost data should contact Action Fraud,” said the NCSC. “We recommend that people are vigilant against any suspicious activity on their bank accounts.”
Dixons Carphone chief executive Alex Baldock said the company was addressing the attack, and apologised to customers.
“We are extremely disappointed and sorry for any upset this may cause.
“The protection of our data has to be at the heart of our business, and we’ve fallen short here.
“We’ve taken action to close off this unauthorised access and though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously.”
The Information Commissioner’s Office said they were conducting an investigation into the breach, working with the NCSC and the Financial Conduct Authority.
“We will look at when the incident happened and when it was discovered as part of our work, and this will inform whether it is dealt with under the 1998 or 2018 Data Protection Acts,” said a spokesman for the independent watchdog.
The distinction between which regulation the incident falls under could have large implications for Dixons.
Earlier data protection laws have a maximum fine of £500,000. However the recently enacted General Data Protection Regulation comes with a maximum fine of £17.6 million or 4% of global revenue.
The GDPR act came into effect May 25th, before the breach was located and shut down by Dixons.
The attack is not the only one Dixons has had to deal with in recent times. The Carphone Warehouse was hit with a breach in 2015, which resulted in a £400,000 fine from the ICO.
Dutch And Maltese Gaming Regulators Signs MoU To Prevent Illegal Gambling
The Purpose of MoU Under the MoU, there will be an enhanced cooperation between the…
Operators Pull Out Japan Casino Plans Amidst Uncertain Gambling Regulations
The casinos needed to submit tedious requirements before legalizing the business and face heavy taxes…
GrooveGaming Extends Contract With BetConstruct
The success of the merger showed a high demand for online casino products. GrooveGaming exploited…
Chile’s Casino Operators Receives Coronavirus Relief From Creditors, Investors
The gambling industry is among the industries which suffered the biggest losses. The casinos shut…
A Total Of 70 Gambling Ads Have Been Found By ASA, UK in Q2 2020 on Sites Familiar With Young Audience
The authority has not yet declared the names of the operators, which have been running…
Shape Games Co-Founder Indicates Their Plan To Go Completely Native
The co-founder states that this transformation is in response to tech-giant Apple's revolutionary announcement made…