Dixons Carphone says 10 million customer records may have been accessed in 2017 cyber attack

Theft could now affect ten times more people than retailer first thought

Tom Barnes
Tuesday 31 July 2018 08:54 BST
Comments
Dixons Carphone said last month it believed only 1.2 million customers' personal data had been accessed
Dixons Carphone said last month it believed only 1.2 million customers' personal data had been accessed

Retailer Dixons Carphone has announced 10 million customer records containing personal data may have been accessed when it was hit by a cyber attack in 2017.

The electricals giant said on Tuesday the data breach was almost 10 times larger than previously announced in June, when it believed non-financial personal information of 1.2 million customers had been obtained by hackers.

But the firm said there was no evidence fraud had taken place despite the potential data theft of millions of shoppers' details including names, addresses or email details from its systems.

“While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and there is no evidence that any fraud has resulted,” the company said in a statement.

“We are continuing to keep the relevant authorities updated.

“As a precaution, we are choosing to communicate to all of our customers to apologise and advise them of protective steps to minimise the risk of fraud.

“As we indicated previously, we have taken action to close off this access and have no evidence it is continuing.”

The company last month said bank card details of 5.9 million customers had been hacked, although the vast majority were protected by chip and pin.

Around 105,000 non-EU cards were thought to have been compromised during the cyber attack.

In a statement at the time, the retailer added relevant card companies had been notified, but said there was no evidence of fraud on the cards as a result of the incident.

Dixons Carphone owns a number of well-known high street brands including Currys PC World and Carphone Warehouse.

Its chief executive, Alex Baldock, said on Tuesday: “Since our data security review uncovered last year's breach, we've been working around the clock to put it right.

“That's included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we're updating on today.

“I want to assure them that we remain fully committed to making their personal data safe with us.”

Additional reporting by PA

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in