Carphone Warehouse has become the victim of a cyber-attack primarily targeted to its website divisions of OneStopPhoneShop.com, e2save.com and Mobiles.co.uk. However, the ICO have reported that customers affected also include service users of iD Mobile, TalkTalk Mobile, Talk Mobile and Carphone Warehouse customers. The breach is believed to have resulted in access to up to 2.4 million customers' personal details including names, addresses and bank details. Carphone Warehouse has announced that the encrypted credit card details of up to a potential 90,000 customers may have also been accessed.
Carphone Warehouse, which is owned by Dixons Carphone plc, have labeled the incident "a sophisticated cyber-attack" and say that they "took immediate action to secure these systems and launched an investigation with a leading cyber security firm to determine exactly what data was affected. We have also put in place additional security measures to prevent further attacks".
The ICO, who are aware of the incident, published commentary on 10 August 2015 which noted that –"Anytime personal data is lost there can be a risk of identity theft" and pointed individuals to guidance on the actions that affected individuals could take to protect their identity.
To view Carphone Warehouse's press announcement, please click here.
To view the ICO statement, please click here.