Dixons Carphone has disclosed a customer data breach but said there is no evidence that the information has been fraudulently used.
Dixons Carphone revealed that it had discovered “an attempt to compromise 5.9 million cards in one of the processing systems of Currys PC World and Dixons Travel stores”. The retailer said 5.8 million of the cards have chip and pin protection.
However approximately 105,000 non-EU issued payment cards which do not have chip and pin protection have been compromised.
The retailer has also found that 1.2 million records containing non-financial personal data, such as name, address or email address, have been accessed. Dixons Carphone said: “We have no evidence that this information has left our systems or has resulted in any fraud at this stage.”
The breach emerged during a review of the retailer’s systems and data and Dixons Carphone subsequently launched an investigation and strengthened security measures.
The Information Commissioner’s Office, the Financial Conduct Authority and the police have all been informed.
Dixons Carphone chief executive Alex Baldock said: “We are extremely disappointed and sorry for any upset this may cause. The protection of our data has to be at the heart of our business and we’ve fallen short here.
“We’ve taken action to close off this unauthorised access and though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously.
“We are determined to put this right and are taking steps to do so. We promptly launched an investigation, engaged leading cybersecurity experts, added extra security measures to our systems and will be communicating directly with those affected.
“Cybercrime is a continual battle for business today and we are determined to tackle this fast-changing challenge.”