Dixons Carphone data breach hit extra 9m customers

[ItsMitch]

S: Sky News & ICO

 

Summary:

• Back in 13th June it was reported they had found a breach hitting 5.9m users
• Bank card details was stolen in that time period dating back to 2017.
• Confirmed today that an extra 10m users was affected dating back to 2017
• Details confirmed stolen are: Names, DoBs, phone numbers, and all customer purchases. 

Dixons Carphone is one of the biggest electronic retailer in the UK that runs PC World Curries and of course, Carphone Warehouse respectively and it has came out today to confirm it's breach last month was "higher than expected" at around 7.1 million users, a revision of 1.2 million, however, they go on further to state that a roughly 10 million records may have been improperly accessed by outside parties which date back to 2017. Dixon has since apologized to all it's customers again for the breach and promises to reach out to each customer to offer an appropriate solution (imho it'll go like "please don't sue us, we'll give you money to shut the fuck up") 

Quote

Dixons Carphone has apologised to all of its customers after revealing that a 2017 data breach affected personal data held in an additional 8.8 million customer records.

 

The admission early on Tuesday is the second revelation related to the data breach in six weeks and the third since 2015.

 

The company says it was alerted to the breach by investigators on Monday evening.

 

Sky News reported in June that the company said it believed there had been other recently discovered attempts since last year to compromise 5.9 million cards in one of its processing systems for Currys PC World and Dixons Travel stores.

Dixon's statement

Quote

After acknowledging that customer data had been compromised a second time since last year, Dixons Carphone chief executive Alex Baldock said the company had been working "around the clock" to put it right.

 

He said: "That's included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we're updating on today."

 

He added: "Again, we're disappointed in having fallen short here, and very sorry for any distress we've caused our customers. I want to assure them that we remain fully committed to making their personal data safe with us."

ICO issued a statement on their website (ICO are the UK's Public Information Commissioner's Office)

Quote

“Dixons Carphone reported a data breach to the ICO in June. The company has now confirmed that the incident affected the personal data of 10 million records, which is significantly higher than initially stated.

 

“Our investigation into the incident is ongoing and we will take time to assess this new information. In the meantime, we would expect the company to alert all those affected in the UK as soon as possible and to take all steps necessary to reduce any potential harm to consumers.”