Carphone Warehouse hack exposes personal data of 2.4 million
UK mobile phone retail Carphone Warehouse has revealed that the personal data, including bank details, of up to 2.4 million customers may have been accessed in a cyber attack.
August 10, 2015
UK mobile phone retail Carphone Warehouse has revealed that the personal data, including bank details, of up to 2.4 million customers may have been accessed in a cyber attack.
The hack occurred on 5 August and concerned a division of CPW that runs the websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk and provides services to some customers of iD Mobile, TalkTalk Mobile, Talk Mobile and CPW itself. It’s not thought that customers of Currys and PC World, part of the same group of companies as CPW, are affected.
“We take the security of customer data extremely seriously, and we are very sorry that people have been affected by this attack on our systems,” said Sebastian James, Group Chief Executive of Dixons Carphone. “We are, of course, informing anyone that may have been affected, and have put in place additional security measures.”
According to a customer FAQ there is an investigation underway and additional security measures have been put in place to prevent further attack. As ever this can come over as shutting the stable door after the horse has bolted and cyber security commentators have wasted little time in speaking out.
“Data breaches often start with a spear phishing attack that evades detection from regular spam filters and single anti-virus engines,” said Mike Spykerman, VP at OPSWAT. “By using multiple anti-virus engines, the possibility that a spear phishing attack is detected is considerably higher.”
“It’s a clear signal that contemporary data encryption and tokenization for all sensitive fields, not disk or column level encryption for credit cards, is necessary to thwart advanced attacks that scrape sensitive data from memory, data is use, as well as storage and transmission,” said Mark Bower, Global Director at HP Security Voltage.
“Data is a company’s biggest asset, but many organisations haven’t yet got to grips with how to protect it in the new world order of mobile devices and cloud-based access,” said Phil Barnett, EMEA VP and GM of Good Technology. “The security challenge won’t go away and companies need to change their mindset in order to solve it.”
About the Author
You May Also Like