IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Carphone Warehouse suffers massive data breach in hacking attack

The card details of 90,000 customers may have been compromised

Carphone Warehouse

Carphone Warehouse, owned by Dixons Carphone, has revealed a hack may have exposed the personal details of 2.4 million customers, with 90,000 of the records including encrypted credit card information.

The Information Commissioner's Office (ICO) is currently investigating into the attack, which surfaced last Wednesday and was announced to the public on Saturday. It is thought the attack happened over the previous two weeks, but Carphone Warehouse waited a few days to assess the damage before telling customers.

Technology analyst Tom Cheesewright told the BBC: "I don't think we'll know until the Information Commissioner's Office looks at this - whether they did the right thing, whether they were prudent in waiting a few days."

In addition to the 90,000 card details it said may have been stolen, names, addresses, dates of birth and bank details have also been accessed across the entire business including onestopphoneshop.co.uk, e2save.com, Mobiles.co.uk, iD Mobile, TalkTalk Mobile and Talk Mobile. The websites affected were taken offline, although they now seem to be up and running again, apart from onestopphoneshop.co.uk.

Cheesewright explained it is likely the stolen information would be sold onto other websites for between 5 and 10 for card details and maybe twice that for records including full names, addresses and dates of birth. Criminals can use the data to buy items online or to take out loans. "It's a very good start for a full case of identity theft," he said.

An ICO spokesperson said: "We have been made aware of an incident at Carphone Warehouse and are making enquiries."

The Metropolitan Police's Cyber Crime Unit said it had also been made aware of the breach, according to The BBC, but that no formal allegation of criminal activity had yet been made.

Carphone Warehouse customers should keep tabs on their bank accounts to ensure no unusual activity occurs and to notify their bank straight away if they see transactions they did not make.

Image credit: Thinglass / Shutterstock.com

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022