Cybersecurity

Carphone Warehouse hack exposes 2.4m UK customers

Life
Image: Stockfresh

10 August 2015

Cyberthieves broke into the IT systems of mobile phone retailer Carphone Warehouse and may have stolen personal and bank data of up to 2.4 million UK customers, including credit card details of up to 90,000 customers. No customers in the Republic of Ireland have been affected by the attack.

The division that was attacked operates the OneStopPhoneShop.com, e2save.com and Mobiles.co.uk websites, and provides services to iD Mobile, TalkTalk Mobile, Talk Mobile and some customers of Carphone Warehouse, the company said Saturday in an e-mailed statement.

The attack, which the company described as “sophisticated,” was discovered Wednesday afternoon (5 August), and likely happened at some point in the two weeks prior to the discovery. Carphone Warehouse has secured the breached systems, put in place additional safety measures and hired a security company to determine what data was compromised. It is also notifying customers that could be affected.

Compromised data could include names, addresses, dates of birth and bank account information. The credit card details at risk were encrypted. Sebastian James, CEO of parent company Dixons Carphone, apologised, saying he was “very sorry that people have been affected by this attack on our systems”.

The attackers didn’t access customer data from Currys nor from PCWorld, and they didn’t get to “the vast majority” of Carphone Warehouse customer data. That information is held on separate systems that weren’t breached.

Still, Alan Woodward, an adviser to EU law enforcement agency Europol and a visiting cyber security lecturer at Surrey University told UK newspaper The Independent that the Carphone Warehouse attack is “one of the biggest we’ve seen in the last few years” in the UK.

“British firms are increasingly a target after the big hacks in America of Target and eBay,” said Woodward.

IDG News Service

Read More:


Back to Top ↑

TechCentral.ie