Carphone Warehouse Hack Could Leave 2.4m Customers’ Data At Risk

The personal details of up to 2.4 million Carphone Warehouse customers may have been compromised as the British mobile phone retailer revealed it was the victim of a cyber attack.

The company, which made news public on Saturday 8 August, said that the attack was first discovered three days earlier.

Shares in Carphone Warehouse fell two percent this morning as the UK’s Information Commissioner’s Office (ICO) begins “making enquiries” into how the data breach happened and what can be done about it.

Credit card details

Carphone Warehouse has admitted the encrypted credit card details of up to 90,000 customers may have been breached. The attackers could also have data that includes names, addresses, bank details and dates of birth.

The firm called the incident a “sophisticated cyber attack” that was stopped immediately after being discovered. However it only started notifying affected customers by email on Saturday morning.

It said in a statement: “We and our partners are contacting all those customers who may have been affected to inform them of the breach and to give them advice to reduce any risk and minimise inconvenience.”

Scotland Yard has reportedly been notified and will be helping investigate the incident, whilst the ICO has has already begun looking into the breach.

However, potentially-affected customers are angry at the retailer for not notifying the public earlier.

The chief executive of Dixons Carphone, Sebastian James, said: “We take the security of customer data extremely seriously, and we are very sorry that people have been affected by this attack on our systems.

“We are, of course, informing anyone that may have been affected, and have put in place additional security measures.”

Customers of websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk could also be affected, as these are part of the Carphone Warehouse group.

“Armed with the data they already have, attackers are likely to try and trick those affected by the breach into revealing further details, such as account numbers and passwords,” said Thierry Karsenti.

“For the attackers, it’s just a numbers game, but it could have serious consequences for customers. Phishing emails continue to be the most common source for social engineering attacks, so customers should be suspicious of any emails, or even phone calls, that relate to the breach, and should not give away more information.”

Affected customers include 1.9 million who are direct customers of Carphone Warehouse, and almost 480,000 who are customers of TalkTalk Mobile, as the division processes its customer data via Carphone Warehouse.

The attackers are yet to be identified, said the firm.

Take our hacking quiz here!

Ben Sullivan

Ben covers web and technology giants such as Google, Amazon, and Microsoft and their impact on the cloud computing industry, whilst also writing about data centre players and their increasing importance in Europe. He also covers future technologies such as drones, aerospace, science, and the effect of technology on the environment.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

4 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

6 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

8 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

9 hours ago