Attackers access 5.9 million card details

Hacking targets customers of Currys PC World

Dixons Carphone reveals it has uncovered unauthorised access of customer’s data

United Kingdom retailer Dixons Carphone has confirmed there has been unauthorized access to user data held by the company. "We have no evidence to date of any fraudulent use of the data as result of these incidents".

The company said 5.8 million of the payment cards targeted were protected by chip and Pin, but that around 105,000 non-EU cards without chip and Pin protection were compromised.

It admitted non-financial personal data, such as name, address or email address, was accessed but it again insisted that it had seen no evidence of any fraud at this stage.

The company said it had informed the relevant authorities, including the Information Commissioner's Office, the Financial Conduct Authority, and the police.

The company's shares lost 5% of their value when trading began on Wednesday morning shortly after the disclosure.

Dixons Carphone, the firm which runs well-known tech outlets in the United Kingdom including Currys, PC World, and Carphone Warehouse admits that it suffered a data breach in July 2017. The protection of our data has to be at the heart of our business, and weve fallen short here.

Resident Evil 2 remake for PS4 gets first terrifying trailers at E3
The press and fan reaction to Resident Evil 2 when we said "We Do It" in 2015 has been overwhelming. Later today, we're expecting to see more Resident Evil 2 Remake gameplay drop around 4pm PST.

Dixons Carphone said it had immediately notified the relevant card companies so that they could protect customers.

Dixons Carphone is one of Europe's leading mobile phone and electrical goods retailers, operating stores including Currys PC World and Carphone Warehouse.

Video: Equifax teaches us what not to do after a data breach.

While the breach took place last July, Dixons Carphone only realised that it had occurred in the last week and the notification delay of nearly a year was not a case of the firm covering up the fact, allegedly.

The group added it did not believe the personal data accessed had left the group's systems, but was advising those affected on protective steps they should take.

The company does not reveal when its systems were compromised; nor exactly when it discovered the intrusion; nor how long it took to launch an investigation - writing only that: "As part of a review of our systems and data, we have determined that there has been unauthorised access to certain data held by the company". It said since the 2015 attack it had worked extensively with cyber security experts to upgrade its security systems.

Latest News