Carphone Warehouse has announced it has suffered from a sophisticated security breach wherein data of up to 2.4 million customers including bank details may have been accessed.
The breach was detected on August 5, the company announced and affects the IT systems division of Carphone Warehouse in the UK, which operates the websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk and provides a number of services to iD Mobile, TalkTalk Mobile, Talk Mobile, and to certain customers of Carphone Warehouse.
According to Carphone Warehouse, it has already secured the affected systems with additional layers of security so as to prevent future attacks and has also hired a leading cyber security firm to determine exactly what data was affected.
Preliminary investigation has revealed that personal details of up to 2.4 million customers may have been accessed and these details included name, address, date of birth and bank details. The company also revealed that encrypted credit card data of up to 90,000 customers may also have been accessed.
Customers’ whose data may have been accessed are being contacted by Carphone Warehouse and its partners to inform them of the breach and to give them advice to reduce any risk and minimise inconvenience. Currys and PCWorld and the vast majority of Carphone Warehouse customer data is held on separate systems and has not been accessed during this incident.
Sebastian James, Group Chief Executive of Dixons Carphone, said: “We take the security of customer data extremely seriously, and we are very sorry that people have been affected by this attack on our systems. We are, of course, informing anyone that may have been affected, and have put in place additional security measures.”
