British mobile phone and electricals retailer Dixons Carphone has become the victim of a major cyber attack for the second time in three years after discovering unauthorised access to its payment card data. Again, Dixons said there was no evidence that it had resulted in any fraud.
While the breach took place last July, Dixons Carphone only realised that it had occurred in the last week and the notification delay of nearly a year was not a case of the firm covering up the fact, allegedly.
Video: Equifax teaches us what not to do after a data breach.
Dixons Carphone, the firm which runs well-known tech outlets in the United Kingdom including Currys, PC World, and Carphone Warehouse admits that it suffered a data breach in July 2017.More news: Wonder Woman 1984 First Look: Steve Trevor Is Alive?!
However, it was quick to add that 5.8 million of these cards had chip and PIN protection, and that the data stolen did not include pin codes, card verification values (CVV) or authentication data - making it more hard for the hackers to monetize the breached data.
Access was also gained to non-financial personal data, such as addresses, names and email information. As of now, there are no known cases of any fraudulent use of the compromised data, the company claims.
However around 105,000 of the accessed cards were non-EU issued, and lacked chip-and-PIN, and it says those cards have been compromised.
He said: "We are extremely disappointed and sorry for any upset this may cause". We promptly launched an investigation, engaged leading cyber security experts and added extra security measures to our systems.More news: WH adviser Navarro apologizes for 'special place in hell' slam at Trudeau
The ICO said it was liaising with the National Cyber Security Centre, the FCA and other agencies to determine the impact on customers.
"Anyone concerned about fraud or lost data should contact Action Fraud and we recommend that people are vigilant against any suspicious activity on their bank accounts".
The group added it did not believe the personal data accessed had left the group's systems, but was advising those affected on protective steps they should take.More news: Uber driver who booted 2 kissing women has license suspended