Dixons Carphone said an investigation into a massive data breach has found personal data belonging to 10 million customers may have been accessed last year, nearly 10 times as many as initially thought.
The electronics retailer had estimated the attack involved unauthorised access to 1.2 personal records, when it first reported the breach in June. It said there was no evidence of any fraud.
Alex Baldock, the chief executive, said: “Since our data security review uncovered last year’s breach, we’ve been working around the clock to put it right. That’s included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we’re updating on today.
“Again, we’re disappointed in having fallen short here, and very sorry for any distress we’ve caused our customers. I want to assure them that we remain fully committed to making their personal data safe with us.”
The company said records containing personal data such as names, addresses or email addresses had been accessed, but not financial information. It is writing to customers to apologise for the data breach, but does not plan to pay compensation as there is no evidence that anyone has suffered any financial loss.
“While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and there is no evidence that any fraud has resulted,” Dixons said.
Dixons Carphone is conducting the investigationwith the help of the National Cyber Security Centre, a branch of GCHQ, Britain’s intelligence and security service.
For more read the full of article at The Guardian
