Data breaches have become so commonplace that we pretty much expect them to happen at any time. The only question is. Who will it happen to next? This week’s victim is Dixons Carphone, a United Kingdom-based retailer that also operates Carphone Warehouse. The company announced that hackers accessed 5.9 million credit card details. Hackers also managed to get their hands on 1.2 million other records about Dixons Carphone customers.
Dixons Carphone did issue a press release that read:
Our investigation is ongoing and currently indicates that there was an attempt to compromise 5.9 million cards in one of the processing systems of Currys PC World and Dixons Travel stores. However, 5.8m of these cards have chip and pin protection. The data accessed in respect of these cards contains neither pin codes, card verification values (CVV) nor any authentication data enabling cardholder identification or a purchase to be made.
Approximately 105,000 non-EU issued payment cards which do not have chip and pin protection have been compromised. As a precaution, we immediately notified the relevant card companies via our payment provider about all these cards so that they could take the appropriate measures to protect customers. We have no evidence of any fraud on these cards as a result of this incident.
Dixons Carphone Chief Executive, Alex Baldock, said:
“We are extremely disappointed and sorry for any upset this may cause. The protection of our data has to be at the heart of our business, and we’ve fallen short here. We’ve taken action to close off this unauthorised access and though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously. We are determined to put this right and are taking steps to do so; we promptly launched an investigation, engaged leading cyber security experts, added extra security measures to our systems and will be communicating directly with those affected. Cyber crime is a continual battle for business today and we are determined to tackle this fast-changing challenge.”
Dixons Carphone says that the data breach goes as far back as July 2017 but did not say when they first detected it. The company says that the chip protection in the violated credit cards should circumvent any fraudulent use.Source: ZDNet