SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Breach Prevention
#
Cybersecurity
#
Data breach
Dixons Carphone data breach toll rises to 10m customers
Wed, 1st Aug 2018
FYI, this story is more than a year old
Author image
By Sara Barker, Copywriter and Senior News Editor
Follow us

In another twist of the knife for Europe technology firm Dixons Carphone, the company has admitted that a major data breach back in 2017 is now much bigger than first thought.

The Dixons Carphone breach made headlines on June 13 2018 when it announced that it had been hit by a data breach that affected an estimated 1.2 million customers. The company has now reviewed that figure and says the breach actually affected 10 million customers.

In a June press release, Dixons Carphone stated that breach attempted to compromise 5.9 million cards in a processing system for Currys PC World and Dixons Travel stores, and it also attempted to compromise 1.2 million records that contained personal data including names, addresses, and email addresses.

But more than a month later as the investigation nears completion, the company admits that approximately 10 million records containing personal data may have been accessed during the 2017 breach.

“While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and there is no evidence that any fraud has resulted. We are continuing to keep the relevant authorities updated,” the company says in a statement.

Dixons Carphone chief executive Alex Baldock says the company is “disappointed” that it has suffered a breach.

“[We're] very sorry for any distress we've caused our customers. I want to assure them that we remain fully committed to making their personal data safe with us.

Baldock adds that the company has been working round-the-clock to remediate the problems ever since the breach was discovered in the company's data security review.

“That's included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we're updating on today.

Dixons Carphone is contacting all customers to apologise and provide tips to reduce the risk of fraud.

“As we indicated previously, we have taken action to close off this access and have no evidence it is continuing. We continue to make improvements and investments at pace to our security environment through enhanced controls, monitoring and testing.

Dixons Carphone provides electrical and mobile products, connectivity, and after-sales services from Team Knowhow.

Dixons Carphone's primary brands include Currys PC World and Carphone Warehouse in the UK - Ireland, Elkjøp, Elkjøp Phonehouse, Elgiganten, Elgiganten Phone House, Gigantti in the Nordic countries, Kotsovolos in Greece, and Dixons Travel in a number of UK airports as well as Dublin and Oslo. The company's key service brand is Team Knowhow in the UK, Ireland and the Nordics.

Dixons Carphone shares are trading at GBP176.10 as of July 30.

Related stories
Qualys offers free cybersecurity platform access after NCSC guidance
Cado Security unmasks Cerber ransomware threat to Confluence servers
ExpressVPN research raises awareness of DNS leak risks
Keepit appoints cybersecurity veteran Kim Larsen as new CISO
Booming AI deepfake detector market set to hit USD $5.7 million by 2034
Top stories
Absolute Security focuses on cyber resilience in company rebrand
Armis acquires Silk Security for a total of $150M
Most enterprise PCs ill-equipped for AI-induced security threats
92% of global PCs ill-equipped for modern AI, warns Absolute Security
Three ways employees can spot a deepfake scam