Carphone Warehouse suffers massive data breach in hacking attack
The card details of 90,000 customers may have been compromised
Carphone Warehouse, owned by Dixons Carphone, has revealed a hack may have exposed the personal details of 2.4 million customers, with 90,000 of the records including encrypted credit card information.
The Information Commissioner's Office (ICO) is currently investigating into the attack, which surfaced last Wednesday and was announced to the public on Saturday. It is thought the attack happened over the previous two weeks, but Carphone Warehouse waited a few days to assess the damage before telling customers.
Technology analyst Tom Cheesewright told the BBC: "I don't think we'll know until the Information Commissioner's Office looks at this - whether they did the right thing, whether they were prudent in waiting a few days."
In addition to the 90,000 card details it said may have been stolen, names, addresses, dates of birth and bank details have also been accessed across the entire business including onestopphoneshop.co.uk, e2save.com, Mobiles.co.uk, iD Mobile, TalkTalk Mobile and Talk Mobile. The websites affected were taken offline, although they now seem to be up and running again, apart from onestopphoneshop.co.uk.
Cheesewright explained it is likely the stolen information would be sold onto other websites for between 5 and 10 for card details and maybe twice that for records including full names, addresses and dates of birth. Criminals can use the data to buy items online or to take out loans. "It's a very good start for a full case of identity theft," he said.
An ICO spokesperson said: "We have been made aware of an incident at Carphone Warehouse and are making enquiries."
The Metropolitan Police's Cyber Crime Unit said it had also been made aware of the breach, according to The BBC, but that no formal allegation of criminal activity had yet been made.
Carphone Warehouse customers should keep tabs on their bank accounts to ensure no unusual activity occurs and to notify their bank straight away if they see transactions they did not make.
Digital document processes in 2020: A spotlight on Western Europe
The shift from best practice to business necessityDownload now
Four security considerations for cloud migration
The good, the bad, and the ugly of cloud computingDownload now
VR leads the way in manufacturing
How VR is digitally transforming our worldDownload now
Deeper than digital
Top-performing modern enterprises show why more perfect software is fundamental to successDownload now