Dixons Carphone have today admitted that the personal data of 10 million customers may have been affected by a data breach in 2017, almost ten times the number it previously estimated had been affected.
This personal information include names, addresses and email addresses of customers, although Dixons Carphone state that it does not include payment card or bank account details. In today’s announcement, Dixons Carphone have stated for the first time that “there is now evidence that some of the data may have left our system” although also there is no evidence that any fraud has resulted from the data breach
On 13th June 2018, Dixons Carphone previously stated that it believed that the personal information of 1.2 million customers had been breached although there was no evidence that the information left its systems. It also announced that the card details of 5.9 million customers may have been affected by a data breach although the information hacked did not include the chip and pin codes or card verification values (CVV).
Dixons Carphone state that they are “disappointed in having fallen short here” and have confirmed that “as a precaution” they are contacting affected customers to apologise and advise on the protective steps they can take to protect themselves.
Sean Humber, a leading data breach lawyer at Leigh Day commented
“Dixons Carphone’s latest announcement seems to suggest that the 2017 data breach is more serious than previously thought – both in terms of the number of people affected and because affected customers’ information may have left its system. Customers urgently need to know what has happened to their personal information.
Those affected by this data breach are likely to have claims for compensation for the distress and inconvenience caused as well as any losses that they may have suffered.”