In the latest in a series of high profile data breaches, the personal details of up to 2.4 million Carphone Warehouse customers may have been stolen following a cyber-attack last Wednesday.
Notably, the cyber attack is thought to only affect the customers of three of the websites belonging to the group: onestopphoneshop.com, e2save.com, and mobiles.co.uk – leading to speculation that vulnerabilities specific to those particular sites were exploited.
Customers of Dixons Carphone’s Currys and PC World businesses, as well as “the vast majority of Carphone Warehouse customers” are said to have been unaffected by the breach, but have still joined those customers whose data was accessed in expressing concerns over their privacy and safety, highlighting the need for businesses to put consistent and robust Data Protection policies in place which reach every corner of their organisation.
Shares in Dixons Carphone, the umbrella corporation containing Carphone Warehouse, have fallen by 1.75% following the attack.
The incident will now be investigated by the Information Commissioner’s Office, which has the power to impose a fine of up to £500,000 should the data protection in place be found to be inadequate.
Fines aside, it’s damage limitation for Dixons Carphone, which must now work to regain the trust of the 2.4 million affected customers, millions of concerned customers of its other businesses, and its shareholders.