'Further harm' unlikely for Carphone Warehouse cyber attack victims
The fallout from a cyber attack on Carphone Warehouse is “containable”, with only a “tiny fraction” of people affected likely to suffer any further harm, an expert has said.
Carphone Warehouse has confirmed that personal details of up to 2.4m customers may have been accessed in the attack, while up to 90,000 customers may also have had their encrypted credit card details accessed.
In a statement Dixons Carphone, which owns the chain, said it discovered last Wednesday that the IT systems of a division of Carphone Warehouse had been breached by a “sophisticated cyber attack”.
The division operates the websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk, and provides services to iD Mobile, TalkTalk Mobile, Talk Mobile, and to some Carphone Warehouse customers.
The company said had launched an investigation with a cyber security firm to find out what data had been accessed and had put extra security measures in place.
Dixons Carphone is in the process of contacting all customers who may have been affected to let them know and offer them advice, it said.
But Ken Odeluga, a senior market analyst at www.cityindex.co.uk, said breaches like this are relatively rare and would only affect a small proportion of people.
“Unless further details emerge which are damaging, my view is that the impact from the breach is containable,” he said.
'Loss of privacy'
The impact on Carphone Warehouse shares is likely to be “negligible”, he said, with no financial fallout.
“Whilst unfortunate, breaches such are these remain relatively rare and only a tiny fraction, if any, of the individuals exposed seldom can be expected to suffer any further harm at all, apart from a temporary loss of privacy.”
He said the company had come under fire for not publicising the breach immediately after it was discovered, but added: “However, Carphone Warehouse undoubtedly followed best practice for remedial measures to the letter, which helps explain why securing the breach before publicising may have taken priority.”
In its statement, Dixons Carphone said its investigation had indicated that personal data which could include the names, addresses, dates of birth and bank details of up to 2.4m customers, may have been accessed, along with the encrypted credit card data of up to 90,000 customers.
It said Currys and PC World and the vast majority of Carphone Warehouse customer data are held on separate systems and had not been accessed during the incident.
Sebastian James, group CEO of Dixons Carphone, said: “We take the security of customer data extremely seriously, and we are very sorry that people have been affected by this attack on our systems.
“We are, of course, informing anyone that may have been affected, and have put in place additional security measures.”
Why do we need your postcode?
Once you enter your postcode, Cable.co.uk will perform a live lookup and check all the available providers in your area.
This ensures you receive accurate information on the availability of providers and packages in your area.
Your information is safe with us. We won't share your postcode with anyone. Guaranteed.