Carphone Warehouse admitted over the weekend that a catastrophic data breach has potentially led to the theft of unencrypted, sensitive data belonging to up to 2.4 million customers.
Advertisement
It has been said that the cyber attack concerns the separately managed divisions of Carphone Warehouse which operate the websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk. Additional security measures are also being put into place.
Dixons Carphone, which own Carphone Warehouse, Currys and PCWorld has apologised for the attack. At least some of the information at Carphone Warehouse was encrypted, but still a lot of personal data was not.
Carphone Warehouse said it had not decided if it will compensate customers. “Our priority is reducing risk and inconvenience for customers and continuing to build ever stronger defenses”. The company also informed its customers that they should contact Action Fraud, Britain’s national fraud and internet crime reporting center, at the first notion of any suspicious activity going on with their banking account or their credit card.
The retailer also warned customers that encrypted credit card details of 90,000 people may have been stolen. He added that the company already implemented additional security measures.
Carphone Warehouse had not yet decided if it will compensate customers or not.
The phone giant said the reason it only started contacting customers as late as yesterday was because it took IT experts three days to work out which customers were affected.
Tony Neate, chief executive of Government-backed web security initiative Get Safe Online, said: “There will always be more cyber criminals looking to exploit the situation and trick you into sharing information a legitimate company would never ask for”. From Saturday, Carphone Warehouse has been informing its customers through mails.
Advertisement
If you’re wondering exactly what these major hacks mean for consumers, it’s hard to quantify – the cybercriminals could use your date of birth and address information to guess one of your online passwords or answer the security questions to reset it, for example.
