Dixons Carphone 'fesses to mega-breach: Probes 'attempt to compromise' 5.9m payment cards

www.theregister.co.uk | 6/13/2018 | Staff
tictac399 (Posted by) Level 3
Click For Photo: https://regmedia.co.uk/2017/07/26/currys_pc_world_shutterstock.jpg?x=1200&y=794

Retailer Dixons Carphone has gone public about a hack attack involving 5.9 million payment cards and 1.2 million personal data records.

In a statement (PDF), Dixons Carphone said that "unauthorised access" of data held by the company had prompted an investigation, the hiring of external security experts and efforts to shore up its security defences. It has informed police, regulators at the Information Commissioner's Office and the Financial Conduct Authority.

Reassurance - Evidence - Date - Use - Data

It goes on to offer the not-entirely-reassuring reassurance that it has "no evidence to date of any fraudulent use of the data as result of these incidents" before admitting the compromised information included (incomplete, in some cases) payment card data.

Our investigation is ongoing and currently indicates that there was an attempt to compromise 5.9 million cards in one of the processing systems of Currys PC World and Dixons Travel stores. However, 5.8 million of these cards have chip and PIN protection.

Data - Respect - Cards - PIN - Codes

The data accessed in respect of these cards contains neither PIN codes, card verification values (CVV) nor any authentication data enabling cardholder identification or a purchase to be made. Approximately 105,000 non-EU issued payment cards which do not have chip and PIN protection have been compromised.

As a precaution we immediately notified the relevant card companies via our payment provider about all these cards so that they could take the appropriate measures to protect customers. We have no evidence of any fraud on these cards as a result of this incident.

Retailer - Hacks - Years - Incident - Credit

The retailer has suffered hacks before. Three years ago a seemingly similar incident exposed the credit card details of 90,000 Dixons Carphone customers.

The latest incident also potentially exposed the personal details of 1.2 million...
(Excerpt) Read more at: www.theregister.co.uk
Wake Up To Breaking News!
Sign In or Register to comment.

Welcome to Long Room!

Where The World Finds Its News!