Number Affected by Dixons Carphone GDPR Breach Much Greater Than First Supposed

August 11, 2018


It has been disclosed that a data breach at Dixons Carphone actually saw the private data of 10 million people retrieved, a much higher number than first indicated.

A statement issued by Dixons on Tuesday said: “Our inquiry, which is now nearing the end, has identified that roughly 10 million records containing private data might have been retrieved in 2017. Although there is no proof that some of this data might have left our systems, these records don’t contain payment card or bank account details and there is no proof that any scam has resulted.

“We are continuing to keep the related authorities informed. As a safety measure, we are choosing to communicate to all of our clients to apologize and advise them of defensive steps to minimize the risk of a scam. As we indicated earlier, we have taken action to close off this access and have no proof it is carrying on.”

In June Dixons Carphone disclosed that 5.9 million customer bank card details and 1.2 million private data records had been hacked and the group got in touch with all its clients in the UK and Ireland to inform them of this.

5.8 million of the payment cards aimed were safeguarded by chip and pin. However, roughly 105,000 non-EU cards which didn’t have chip and pin protection were impacted. Dixons Carphone added that the related card firms had been made conscious of the occurrence. They added that there was no evidence of fraud on the cards because of the occurrence.

Dixons Carphone Chief executive Alex Baldock said: “Since our data safety evaluation disclosed last year’s breach, we’ve been working around the clock to put it right. That’s included closing off the unauthorized access, adding new safety measures and starting an immediate inquiry, which has permitted us to build a fuller knowledge of the occurrence that we’re updating on today.

“As a safety measure, we’re now also getting in touch with all our clients to apologize and advise on the steps they can take to safeguard themselves. Again, we’re dissatisfied in having fallen short here and very sorry for any trouble we’ve caused our clients. I want to assure them that we remain completely devoted to making their private data safe with us.”