Major UK electrical retailer Dixons Carphone confirms it was hacked
Nearly six million card records have been compromised.
One of Europe's largest electrical retailers has been the subject of a cyber attack that's compromised more than 5.9 million card records and as many as 1.2 million personal accounts. Dixons Carphone, the owner of Currys PC World and Dixons Travel stores, says that most of these cards have chip and pin protection and noted that the data accessed doesn't include PIN numbers, card verification values (CVV) or any authentication data "enabling cardholder identification or a purchase to be made." However, some 105,000 cards were from non-EU countries and do not have the chip and pin feature.
Of course, all 5.9 million card numbers could potentially be used for online purchases where the chip and pin system doesn't protect against fraudulent use -- though it would be difficult without a CVV or billing address.
In the course of the company's investigation, it also found that 1.2 million records containing non-financial personal data, such as names and addresses, had also been accessed, although it's not clear what part of the company this information relates to.
In a statement, the company said that it has "no evidence to date of any fraudulent use of the data as a result of these incidents," and that the attack has been stopped thanks to additional security measures. However, Dixons Carphone CEO Alex Baldock admitted that the company had "fallen short" with the protection of its data. For the UK's biggest tech retailer outside of Amazon, that's a worrying acknowledgement.
Update, 2PM ET: This article has been updated with more details on exactly what data the hackers accessed and how it could potentially be used.
