You are here: Home - Household Bills - News -

Carphone Warehouse fined £400,000 over 2015 cyber-attack

Written by: Paloma Kubiak
Carphone Warehouse has been handed one of the largest fines by the data regulator following a cyber-attack in 2015, which saw personal details of three million people accessed by hackers.

The Information Commissioner’s Office has issued the fine to Carphone Warehouse, owned by Dixons Carphone, after one of its computer systems was compromised during a cyber-attack in 2015.

Its failure to secure systems meant unauthorised access to the personal data of over three million customers and 1,000 employees. Names, addresses, phone numbers, dates of birth, marital status, and for more than 18,000 customers, historical payment card details were also accessed.

The ICO found that hackers were able to access the system via out-of-date WordPress software and as such, the data breach “would significantly affect individuals’ privacy”, leaving their data at risk of being misused.

Following its investigation, it identified “multiple inadequacies” in Carphone Warehouse’s approach to data security and said it had failed to take necessary steps to protect personal information. Further, the software in systems were found to be out of date and the ICO said there were also inadequate measures in place to identify and purge historic data.

It said this was a “serious contravention”, though the ICO acknowledged that Carphone Warehouse took action to fix some of the problems to protect those affected, and to date, there has been no evidence that the data has resulted in identity theft or fraud.

Information commissioner Elizabeth Denham, said: “A company as large, well-resourced, and established as Carphone Warehouse, should have been actively assessing its data security systems, and ensuring systems were robust and not vulnerable to such attacks.

“Carphone Warehouse should be at the top of its game when it comes to cyber-security, and it is concerning that the systemic failures we found related to rudimentary, commonplace measures.”

A Carphone Warehouse spokesperson said it will pay a fine of £320,000, which includes a 20% reduction for early payment (by 7 February 2018).

They added: “We accept the decision by the ICO and have co-operated fully throughout its investigation into the illegal cyberattack on a specific system within one of Carphone Warehouse’s UK divisions in 2015.

“As the ICO notes in its report, we moved quickly at the time to secure our systems, to put in place additional security measures and to inform the ICO and potentially affected customers and colleagues. The ICO noted there was no evidence of any individual data having been used by third parties.

“Since the attack in 2015 we have worked extensively with cyber security experts to improve and upgrade our security systems and processes. We are very sorry for any distress or inconvenience the incident may have caused.”

There are 0 Comment(s)

If you wish to comment without signing in, click your cursor in the top box and tick the 'Sign in as a guest' box at the bottom.

Everything you need to know about being furloughed

Few people had heard of ‘furlough’ before March 2020, but the coronavirus pandemic thrust the idea of bein...

The savings accounts paying the most interest

If one of your jobs this month is to get your finances in order, moving your savings to a higher paying deal i...

Coronavirus and your finances: what help can you get in the second lockdown?

News and updates on everything to do with coronavirus and your personal finances.

What will happen if rates change

How your finances will be impacted by a rise in interest rates.

Regular Savings Calculator

Small regular contributions can build up nicely over time.

Online Savings Calculator

Work out how your online savings can build over time.

Having a baby and your finances: seven top tips

We’re guessing the Duchess of Cambridge won’t be fretting about maternity pay or whether she’ll still be...

Protecting family wealth: 10 tips for cutting inheritance tax

Inheritance tax - sometimes known as 'death tax' - can cause even more heartache for bereaved families. But th...

Travel insurance: Five tips to ensure a successful claim

Ahead of your summer holiday, it’s important to make sure you have the right level of travel cover or you co...

Money Tips of the Week

Read previous post:
Interest-only mortgage holders could be forced to take action

Tens of thousands of interest-only borrowers are stuck in limbo with no solution to pay-off outstanding capital – but the...