If You think nobody cares about GDPR
Well you can bet Dixons Carphone do now
The firm says there had been "an attempt to compromise" 5.9 million credit and debit cards last year, with 105,000 cards being leaked
Dixons Carphone, the parent company which owns Currys PC World, Carphone Warehouse and Dixons Travel stores, has admitted a huge data breach involving the personal details of more than 5.9 million customers.
Dixons Carphone data breach
Dixons Carphone is investigating the attempted hack and said it had already informed the Information Commissioner's Office (ICO), the Financial Conduct Authority as well as the police. It did add that there was "currently no evidence of any fraudulent use of the information."
An ICO spokesperson said: "An incident involving Dixons Carphone has been reported to us and we are liaising with the National Cyber Security Centre, the Financial Conduct Authority and other relevant agencies to ascertain the details and impact on customers.
Beyond the 5.9 million cards, 1.2 million data records including names, addresses and email addresses of customers were also exposed in the Dixons Carphone breach and the company is contacting those whose non-financial data was accessed to "inform them, to apologies, and to give them advice on any protective steps they should take".
Dixons Carphone data breach and GDPR
This data breach is the first major public leak to be announced since the introduction of GDPR in Europe.
Under these new, far-reaching regulations, companies can be fined up to a staggering €20 million, or 4% of global annual turnover (whichever is higher), if they are found to have failed to adhere to GDPR or suffer a data breach. In particular, a company must alert the authorities about a data breach within 72 hours of being made aware of it or face a fine of up to €10 million.
On top of this they could potentially face a massive amount of claims from individuals who's data has been lost, now its a lot easier for individuals to make a claim against a company if they haven't taken due care of their data.
OES provide companies with GDPR advice and consultancy, if reading this post makes you uneasy about your GDPR compliance or network security ,find out if your complaint, give us a ring on 01745 815516 now before it's too late.
Company Director | Business Consultant | Sales & Marketing Leader | Army Reservist
6 年Certainly, something that should be taken seriously. I was especially concerned to see whether or not the data was lost through penetration into the 'KnowHow Cloud'?
Inside Sales Manager at WorkNest
6 年Kyle Rushton McGregor
Cybersecurity Enthusiast | Business Leader | Mentor | Women's ERG Ally | CompTIA Member | Charity Fundraiser
6 年I don’t think the ICO will fine them under the new GDPR. The breach happened pre 25th May and that will be their defence.