Dixons Carphone admits 2017 hack was bigger than first thought
The attack may now have affected as many as 10 million customers.
Dixons Carphone -- owner of major high street brands Currys PC World and Carphone Warehouse -- has confirmed that its 2017 cyber attack was much bigger than first anticipated. In an investor announcement, the company said that the breach affected as many as 10 million customers, up from the 1.2 million it acknowledged back in June.
Personal information, such as names, addresses and email addresses are thought to have been accessed in the attack, but bank details were supposedly untouched. "While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and there is no evidence that any fraud has resulted. We are continuing to keep the relevant authorities updated," the company noted.
Hackers also got access 5.9 million payment card details, but Dixons Carphone insists they were protected by the Chip & PIN system, which may mean the attackers were unable to access full card records from compromised databases. The company insists it has put in place new security systems to safeguard customer data and is working with experts to prevent future intrusions.
"Since our data security review uncovered last year's breach, we've been working around the clock to put it right," said Dixons Carphone chief Alex Baldock. "That's included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we're updating on today.
"As a precaution, we're now also contacting all our customers to apologise and advise on the steps they can take to protect themselves."
