Dixons Carphone has suffered one of the UK’s biggest data breaches as the company revealed on Wednesday that hackers tried to steal almost six million credit card records and personal data from more than one million customers.
Dixons Carphone plc is Europe’s leading specialist electrical and telecommunications retailer and services company, employing over 42,000 people in eight countries.
According to the company, there was an attempt to compromise 5.9 million cards in one of the processing systems of Currys PC World and Dixons Travel stores. 5.8 million of these cards have chip and pin protection, and the data accessed in respect of these cards contains neither pin codes, card verification values (CVV) nor any authentication data enabling cardholder identification or a purchase to be made.
Approximately 105,000 non-EU issued payment cards which do not have chip and pin protection have been compromised, the company stated. The company also stated that 1.2 million records containing non-financial personal data, such as name, address or email address, have been accessed.
The company is taking precautionary measures and says it has notified the relevant card companies via their payment provider about all these cards so that they could take the appropriate measures to protect customers. According to them, they have found no evidence of any fraud on these cards as a result of this incident.
“We are extremely disappointed and sorry for any upset this may cause. The protection of our data has to be at the heart of our business, and we’ve fallen short here,” said Dixons Carphone Chief Executive, Alex Baldock. “We’ve taken action to close off this unauthorized access and though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously.”
The National Crime Agency is working with the National Cyber Security Centre, the Financial Conduct Authority and the Information Commissioner’s Office on the breach.