Carphone Warehouse hack exposes personal data of 2.4 million

UK mobile phone retail Carphone Warehouse has revealed that the personal data, including bank details, of up to 2.4 million customers may have been accessed in a cyber attack.

Scott Bicheno

August 10, 2015

2 Min Read
Carphone Warehouse hack exposes personal data of 2.4 million

UK mobile phone retail Carphone Warehouse has revealed that the personal data, including bank details, of up to 2.4 million customers may have been accessed in a cyber attack.

The hack occurred on 5 August and concerned a division of CPW that runs the websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk and provides services to some customers of iD Mobile, TalkTalk Mobile, Talk Mobile and CPW itself. It’s not thought that customers of Currys and PC World, part of the same group of companies as CPW, are affected.

“We take the security of customer data extremely seriously, and we are very sorry that people have been affected by this attack on our systems,” said Sebastian James, Group Chief Executive of Dixons Carphone. “We are, of course, informing anyone that may have been affected, and have put in place additional security measures.”

According to a customer FAQ there is an investigation underway and additional security measures have been put in place to prevent further attack. As ever this can come over as shutting the stable door after the horse has bolted and cyber security commentators have wasted little time in speaking out.

“Data breaches often start with a spear phishing attack that evades detection from regular spam filters and single anti-virus engines,” said Mike Spykerman, VP at OPSWAT. “By using multiple anti-virus engines, the possibility that a spear phishing attack is detected is considerably higher.”

“It’s a clear signal that contemporary data encryption and tokenization for all sensitive fields, not disk or column level encryption for credit cards, is necessary to thwart advanced attacks that scrape sensitive data from memory, data is use, as well as storage and transmission,” said Mark Bower, Global Director at HP Security Voltage.

“Data is a company’s biggest asset, but many organisations haven’t yet got to grips with how to protect it in the new world order of mobile devices and cloud-based access,” said Phil Barnett, EMEA VP and GM of Good Technology. “The security challenge won’t go away and companies need to change their mindset in order to solve it.”

About the Author

Scott Bicheno

As the Editorial Director of Telecoms.com, Scott oversees all editorial activity on the site and also manages the Telecoms.com Intelligence arm, which focuses on analysis and bespoke content.
Scott has been covering the mobile phone and broader technology industries for over ten years. Prior to Telecoms.com Scott was the primary smartphone specialist at industry analyst Strategy Analytics’. Before that Scott was a technology journalist, covering the PC and telecoms sectors from a business perspective.
Follow him @scottbicheno

Subscribe and receive the latest news from the industry.
Join 56,000+ members. Yes it's completely free.

You May Also Like