A leading data protection lawyer has said that Dixons Carphone could face significant legal action after it revealed that the bank card details of over five million of its customers, as well as the personal data records of over one million customers, had been hacked in a major cyber-attack on the retailer.
Dixons Carphone said that card companies had been notified, and that there was no evidence of fraud on the cards as a result of the incident.
However Sean Humber from law firm Leigh Day who acts for thousands of victims of cybercrime against those whose data storage has been breached, said that those affected did not have to have just suffered from financial losses to make a claim.
He said: “This is a huge data breach made all the more serious because customers’ financial information has been hacked.
“Those affected are likely to have claims for compensation not only for any financial losses that they may have suffered but also for the anxiety and distress caused by the breach.”
According to reports an investigation by the retailer found that hackers accessed non-financial personal data – such as name, address or email details – for 1.2 million customer records.
Mr Humber said it was disappointing that the breach occurred as Carphone Warehouse, which is owned by Dixons Carphone, had previously been the victim of a cyber-attack in 2015 when the personal details of millions of its customers were breached.
“Clearly it is vital that Dixons Carphone now urgently contact all of their customers to confirm whether or not they believe their personal information has been hacked and, if so, clarify what they consider has happened to it.
“The apparent deficiencies in Dixons Carphone’s security measures are all the more disappointing given that they were victims of a cyber-attack in 2015 that resulted in the personal information of over 3 million customers being hacked, as a consequences of which they were fined £400,000 by the Information Commissioner’s Office. Sadly, it now seems clear that Dixons Carphone failed to learn the lesson from this previous incident.”
Dixons Carphone chief executive Alex Baldock said: “We are extremely disappointed and sorry for any upset this may cause.
“The protection of our data has to be at the heart of our business, and we’ve fallen short here.
“We’ve taken action to close off this unauthorised access and, though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously.”
Dixons said the hack occurred in one of the processing systems of Currys PC World and Dixons Travel stores.
Leave a Comment