Dixons Carphone has confirmed that millions of customers’ details have been stolen in a huge cyber attack.
The retailer said this morning that hackers had gained “unauthorised data access” to the payment details of around 5.9 million customers, with another 1.2 million personal data records also being exposed.
The revelation comes as a result of an ongoing review of the company’s systems and data security, and in a statement published this morning it said: “As part of a review of our systems and data, we have determined that there has been unauthorised access to certain data held by the company.”
Nearly six million cards that have been used for payments at Currys PC World and Dixons Travel have been affected, however the company insisted that luckily the stolen data did not include pin codes, card verification details or any authentication information.
Although no sensitive card details were stolen, over 1.2 million customer names, emails and home addresses were exposed during the massive breach.
The retail giant says it is in the process of contacting all those affected by the cyber attack, and has sought to reassure customer that at this stage there has been no indication of fraudulent account activity.
Cyber security experts have also been called in by Dixons, and the company claims it has strengthened its security functions following the breach.
Dixons Carphone confirmed that it had contacted both the police and relevant authorities over the security breach and added that the majority of the stolen card details were chip and pin.
Over 100,000 non-EU issued payment cards which do not have chip and pin protection were compromised however, and in its statement said: “As a precaution we immediately notified the relevant card companies via our payment provider about all these cards so that they could take the appropriate measures to protect customers.”
Responding to the attack, Chief Executive Alex Baldock said: “We are extremely disappointed and sorry for any upset this may cause. The protection of our data has to be at the heart of our business, and we’ve fallen short here.
“We’ve taken action to close off this unauthorised access and though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously.
“We are determined to put this right and are taking steps to do so; we promptly launched an investigation, engaged leading cyber security experts, added extra security measures to our systems and will be communicating directly with those affected.
Baldock added: “Cyber crime is a continual battle for business today and we are determined to tackle this fast-changing challenge.”