Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Dixons Carphone Breach: Much Larger Than First Thought

A data breach at Dixons Carphone that was made public last month

A data breach at Dixons Carphone that was made public last month resulted in 10 million records being accessed by unknown actors, the consumer UK electronics retailer announced Tuesday.

The company initially said that only 1.2 million records containing personal data of its customers, such as name, address or email address, were accessed during the intrusion. They also claimed that the accessed data did not include financial information.

In an update released this week (PDF), the company revealed that hackers were able to access approximately 10 million records containing personal data. The incident happened last year, but no specific details on when or how the intrusion took place were provided.

Although it initially said that the attackers were attempting to access 5.9 million cards and that 105,000 non-EU issued payment cards were indeed compromised, the company now says that the impacted records did not contain payment card details.

“While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and there is no evidence that any fraud has resulted. We are continuing to keep the relevant authorities updated,” Dixons Carphone said.

The company also announced that it has decided to inform all of its customers of the data breach. The retailer claims that this is only a precaution and that it only apologizes to customers, while advising them of available protective steps they could take to minimize the risk of fraud.

“As we indicated previously, we have taken action to close off this access and have no evidence it is continuing,” the company said.

 Related: HR Services Firm ComplyRight Suffers Data Breach

Related: Typeform Data Breach Hits Many Organizations

Related: Possible Data Breach at Adidas Could Impact Millions of U.S. Customers

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Funding/M&A

Thoma Bravo will spend $1.3 billion to acquire Canadian software firm Magnet Forensics, expanding a push into the lucrative cybersecurity business.

Incident Response

A new Mississippi Cyber Unit will be the state’s centralized cybersecurity threat information, mitigation and incident reporting and response center.

Data Breaches

T-Mobile disclosed another massive data breach affecting approximately 37 million customer accounts.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...