Dixons Carphone has revealed a data breach affected 10 million personal data records, up from its original estimate of 1.2 million.
An investigation into the breach also found evidence some data may have left the retailerâs systems. Dixons Carphone insists the compromised records do not contain payment card or bank account details.
When it disclosed the breach in June, the retailer said only non-financial personal data such as names, addresses and email addresses had been accessed.
Dixons Carphone chief executive Alex Baldock said: âSince our data security review uncovered last yearâs breach, weâve been working around the clock to put it right.
âThatâs included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that weâre updating on today.
âAs a precaution, weâre now also contacting all our customers to apologise and advise on the steps they can take to protect themselves. Weâre disappointed in having fallen short here and very sorry for any distress weâve caused our customers.â
Dixons Carphone said its investigation has found âno evidence that any fraud has resultedâ from the breach.
The electronics specialist is upping its investment in cybersecurity and âworking intensively with leading cybersecurity expertsâ.
The breach is believed to have begun in 2017 and only emerged during a review of the retailerâs systems and data.
The Information Commissionerâs Office, the Financial Conduct Authority and the police were all informed on discovery of the breach. Dixons Carphone is keeping the authorities updated on the progress of its investigation, which is nearing completion.
No comments yet