Currys PC World and Dixons Travel have admitted the details of more than seven million customers have been compromised in a huge data hack.
Dixons Carphone Warehouse, which runs both firms, says that 5.9 million card details were targeted, of which 5.8 million have chip and PIN protection and the hackers did not get hold of PIN numbers, the three digit verification code on the back of the cards or any data which would allow the cards to be used to buy goods.
It said 105,000 non-EU cards, which didn’t have chip and PIN protection were compromised, and Dixons Carphone Warehouse says it has contacted the card firms and customers who have been affected.
A further 1.2 million records containing non-financial personal data, such as name, address or email address, have also been accessed.
It follows Carphone Warehouse, which is part of the same group, being fined £400,000 in January this year for a data breach in which more than three million customers’ details were compromised.
See 30+ Ways to Stop Scams for ways to protect yourself online.
Get Our Free Money Tips Email!
How do I know if I’m affected?
Dixons Carphone Warehouse says it is still investigating the hack, which it discovered last week but could have happened as far back as July last year.
It confirmed the 5.8 million card details could have been held simply if a customer made a purchase at either Currys PC World or Dixons Travel in the past year. It says it has contacted the banks but will not be contacting individual customers as it does not have their details.
If you have made a purchase at either of the affected firms in the past year and are concerned Dixons Carphone Warehouse says to contact your bank.
It is, however, contacting the 1.2 million customers whose non-financial records have been accessed. This could be if they are a Currys PC World Know How customer, for example, and had signed up to a support package.
What should I do?
Dixons Carphone Warehouse says there has been no evidence of fraud as a result of the hack, but there are a few general tips below if you’re worried:
Regularly check your accounts – it’s good practice to regularly keep an eye on your bank accounts and credit card statements. If you spot anything unusual contact your provider immediately.
- Watch out for scams – Be alert and watch out for potential scam emails or calls, don’t simply assume they are genuine even if they look believable.
- Change your password – Dixons Carphone Warehouse doesn’t think any passwords were taken, but if you’re worried change your password, and change it on other sites where you have used the same one.
What does Dixons Carphone Warehouse say?
Chief executive Alex Baldock said: “We are extremely disappointed and sorry for any upset this may cause. The protection of our data has to be at the heart of our business, and weve fallen short here.
“We’ve taken action to close off this unauthorised access and though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously.
“We are determined to put this right and are taking steps to do so; we promptly launched an investigation, engaged leading cyber security experts, added extra security measures to our systems and will be communicating directly with those affected. Cyber crime is a continual battle for business today and we are determined to tackle this fast-changing challenge.”
It has informed the police, the Financial Conduct Authority and the Information Commissioner’s Office.