You are here: Home - Household Bills - News -

Carphone Warehouse fined £400,000 over 2015 cyber-attack

0
Written by: Paloma Kubiak
11/01/2018
Carphone Warehouse has been handed one of the largest fines by the data regulator following a cyber-attack in 2015, which saw personal details of three million people accessed by hackers.

The Information Commissioner’s Office has issued the fine to Carphone Warehouse, owned by Dixons Carphone, after one of its computer systems was compromised during a cyber-attack in 2015.

Its failure to secure systems meant unauthorised access to the personal data of over three million customers and 1,000 employees. Names, addresses, phone numbers, dates of birth, marital status, and for more than 18,000 customers, historical payment card details were also accessed.

The ICO found that hackers were able to access the system via out-of-date WordPress software and as such, the data breach “would significantly affect individuals’ privacy”, leaving their data at risk of being misused.

Following its investigation, it identified “multiple inadequacies” in Carphone Warehouse’s approach to data security and said it had failed to take necessary steps to protect personal information. Further, the software in systems were found to be out of date and the ICO said there were also inadequate measures in place to identify and purge historic data.

It said this was a “serious contravention”, though the ICO acknowledged that Carphone Warehouse took action to fix some of the problems to protect those affected, and to date, there has been no evidence that the data has resulted in identity theft or fraud.

Information commissioner Elizabeth Denham, said: “A company as large, well-resourced, and established as Carphone Warehouse, should have been actively assessing its data security systems, and ensuring systems were robust and not vulnerable to such attacks.

“Carphone Warehouse should be at the top of its game when it comes to cyber-security, and it is concerning that the systemic failures we found related to rudimentary, commonplace measures.”

A Carphone Warehouse spokesperson said it will pay a fine of £320,000, which includes a 20% reduction for early payment (by 7 February 2018).

They added: “We accept the decision by the ICO and have co-operated fully throughout its investigation into the illegal cyberattack on a specific system within one of Carphone Warehouse’s UK divisions in 2015.

“As the ICO notes in its report, we moved quickly at the time to secure our systems, to put in place additional security measures and to inform the ICO and potentially affected customers and colleagues. The ICO noted there was no evidence of any individual data having been used by third parties.

“Since the attack in 2015 we have worked extensively with cyber security experts to improve and upgrade our security systems and processes. We are very sorry for any distress or inconvenience the incident may have caused.”

There are 0 Comment(s)

If you wish to comment without signing in, click your cursor in the top box and tick the 'Sign in as a guest' box at the bottom.

Seven ways to get help with energy bills this winter

We knew today’s announcement was going to be painful, but it’s still a shock to the system. When this kick...

Flight cancelled or delayed? Your rights explained

With no sign of the problems in UK aviation easing over the peak summer period, many will worry whether holida...

Rail strikes: Your travel and refund rights

Thousands of railway workers will strike across three days this week, grinding much of the transport system to...

What will happen if rates change

How your finances will be impacted by a rise in interest rates.

Regular Savings Calculator

Small regular contributions can build up nicely over time.

Online Savings Calculator

Work out how your online savings can build over time.

DIY investors: 10 common mistakes to avoid

For those without the help and experience of an adviser, here are 10 common DIY investor mistakes to avoid.

Mortgage down-valuations: Tips to avoid pulling out of a house sale

Down-valuations are on the rise. So, what does it mean for home buyers, and what can you do?

Five tips for surviving a bear market mauling

The S&P 500 has slipped into bear market territory and for UK investors, the FTSE 250 is also on the edge. Her...

Money Tips of the Week