Dixons Carphone Says Personal Data of 2.4 Million UK Customers Hacked

Carphone Warehouse
Source: Carphone Warehouse website

Dixons Carphone PLC (LON:DC), the parent company of Carphone Warehouse, a mobile phone retailer in the United Kingdom revealed that the personal data of 2.4 million customers were compromised in a cyberattack.

According to Dixons Carphone, there is a possibility that the hackers also gained access to the encrypted credit card information of up to 90,000 customers. The company discovered the cyberattack on one of its IT systems division in UK last week.

The company’s IT systems division maintains the OneStophoneShop.com, e2save.com, and Mobiles.co.uk websites, which were shut down on Saturday. The division also provides services to TalkTalk Mobile, Talk Mobile, and the iD Mobile of Carphone Warehouse.

Dixons Carphone implemented additional measure to secure its system

Dixons Carphone said immediate actions were taken to secure its system after discovering the cyberattack.

“We and our partners are contacting all those customers who may have been affected to inform them of the breach and to give them advice to reduce any risk and minimize inconvenience,” according to the company.

Sebastian James, CEO of Dixons Carphone emphasized, “We take the security of customer data extremely seriously, and we are very sorry that people have been affected by this attack on our systems. He added that the company already implemented additional security measures.

Carphone Warehouse customers in Ireland not affected

The company assured its Carphone Warehouse customers in Ireland that their personal data was not affected by the cyberattack. Dixons Carphone also stated that the personal information of Currys, PC World and the “vast majority of Carphone Warehouse customers were not compromised and are kept separate systems.

Dixons Carphone advised customers to contact their banks or credit card providers to check for any unexpected transactions and monitor any suspicious account on their accounts.

The Information Commissioner’s Office (ICO), an independent body responsible for upholding information rights in the United Kingdom could impose a fine of as much as £500,000 to Dixons Carphone if found that it does not have enough measures to secure the personal data of customers.

Mike Spykerman, vice president of OPSWAT, a security software firm in San Francisco commented, “The reality is that data breaches are no longer a question of if, but when. At least some of the information at Carphone Warehouse was encrypted, but still a lot of personal data was not.