In Depth

Dixons Carphone admits 10 million customers hit by data breach

The figure is much higher than earlier estimates says the retailer

Technology retail giant Dixons Carphone has admitted that the massive customer data breach that occurred last year involved far more people than was originally thought. 

The retail group now says that the personal details of ten million people were leaked during the cyber attack that took place in July of last year. The figure is much greater than the 1.2 million estimate of six weeks ago, Sky News reports.

Data compromised in the attack includes dates of birth, addresses and phone numbers, the broadcaster says. 

Last month Dixons admitted that the information of 5.9 million payment cards was also leaked last year, but the BBC says the majority of these were protected by chip and pin security systems.

As for the ten million customers thought to have been hit by the hack, there’s no fresh evidence to suggest the hackers stole their customer bank details, the news service adds. 

Following the announcement, Dixons Carphone chief executive Alex Baldock apologised to customers. “We’re disappointed in having fallen short here, and very sorry for any distress we’ve caused our customers”, he said.

Baldock said the company was “fully committed” to making customers’ personal data safe.

What happened?

Baldocks’s apology is unlikely to inspire customer confidence given the company’s recent security failures.

Initial reports from the retailer last month suggested Dixons Carphone was already aware of the full extent of the damage: the payment information of 5.9 million customers was leaked, as were the personal details of 1.2 million people.

Today’s announcement that the figure rose over eightfold from 1.2 million to ten million means the data breach is far more substantial than originally believed.

However, the company is keeping its lips sealed over how the data may have been used until the investigation is completed. No further details have been given by Dixons Carphone about the leaked card information and this suggests the figure of 5.9 million exposed customers hasn’t changed. 

But while 5.8 million of those cards were protected, The Guardian says that 105,000 payment methods were not secured by chip and pin. Dixons Carphone has yet to reveal whether these accounts were compromised. 

It’s still not known how the hack occurred, but the company says it has nearly completed its investigation into the incident and is “continuing to keep the relevant authorities updated”. 

What should Dixons Carphone customers do?

The consumer watchdog Which? says the first step is for customers to change their login information, not just for Dixons Carphone stores, but also for any other online retailers and banking systems. A password with at least eight-characters and no evidence of names or locations is the perfect way to create secure login information. 

The next step advised by the watchdog is for customers to “keep a close eye” on their bank accounts and other online accounts over the next few months.

“If you see anything unusual, contact your bank immediately and explain that you’ve been the victim of fraud”, Which? adds.

Be wary of strange emails requesting information or asking users to click on a link, says Tim. If the email looks legitimate but is asking for personal details, it’s best to contact the company that sent the message using a phone number provided on its website.

What happens next?

The National Crime Agency, along with the National Cyber Security Centre, the Financial Conduct Authority and the Information Commissioner’s Office (ICO) began investigating the breach last month, the BBC says. 

Dixons Carphone began its own investigation into what happened immediately after the hack was discovered in June, the company says. 

The firm’s first step involved contacting every customer to apologise and advise them of protective steps to minimise the risk of fraud. Some non-financial data “may have left our systems”, said the firm.

Dixons has announced it will also be contacting the banks of 105,000 customers who used cards not protected by chip and pin in order to avoid potential fraudulent activity. 

There’s no word on when the findings from the investigations will be revealed, but Dixons Carphone says its investigation is almost finished. 

Recommended

‘Hey Siri, what products will Apple announce at its next event?’
Apple’s ‘Spring loaded’ event will be held on 20 April
Business Briefing

‘Hey Siri, what products will Apple announce at its next event?’

Bitcoin explained: what is it and how can you buy one?
Bitcoin
In Depth

Bitcoin explained: what is it and how can you buy one?

UK’s economy grew by 0.4% in February as EU exports rebound
The UK’s construction sector grew by 1.6% in February 2021
Business Briefing

UK’s economy grew by 0.4% in February as EU exports rebound

Who are the richest people in the world?
Jeff Bezos
In Focus

Who are the richest people in the world?

Popular articles

London mayoral race 2021: who will win?
Night Tube Sadiq Khan
In Depth

London mayoral race 2021: who will win?

What is Donald Trump up to now?
Donald Trump
In Depth

What is Donald Trump up to now?

Ten Things You Need to Know Today: 4 May 2021
10 Downing Street
Daily Briefing

Ten Things You Need to Know Today: 4 May 2021