Carphone Warehouse the latest to suffer a high-profile data breach

In the latest in a series of high-profile data breaches, the personal details of up to 2.4 million Carphone Warehouse customers may have been stolen following a cyber-attack last Wednesday.

Notably, the cyber-attack is thought to affect only the customers of three of the group's websites: onestopphoneshop.com, e2save.com, and mobiles.co.uk – leading to speculation that vulnerabilities specific to those particular sites were exploited.

Customers of Dixons Carphone’s Currys and PC World businesses, as well as “the vast majority of Carphone Warehouse customers”, are said to have been unaffected by the breach. They have nonetheless joined those customers whose data was accessed in expressing concerns over their privacy and safety, highlighting the need for businesses to put consistent and robust data protection policies in place which reach every corner of their organisation.

Shares in Dixons Carphone, the umbrella corporation containing Carphone Warehouse, have fallen by 1.75% following the attack.

The incident will now be investigated by the Information Commissioner’s Office, which has the power to impose a fine of up to £500,000 should the data protection in place be found to be inadequate.

Fines aside, it’s damage limitation for Dixons Carphone, which must now work to regain the trust of the 2.4 million affected customers, millions of concerned customers of its other businesses, and its shareholders.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.


James

VinciWorks CEO, VinciWorks
