Carphone Hack: Customers Could Be Exploited

Carphone Warehouse customers are being urged to change their online passwords, amid fears that fraudsters will exploit a data breach which may have compromised the personal details of up to 2.4 million people.
Get Safe Online, a government security service, has described the cyberattack as “hugely concerning” – and is warning that criminals may make phone calls and emails purporting to be from Carphone Warehouse, in a bid to trick those affected into sharing even more sensitive information.
The initiative’s chief executive, Tony Neate, said: “With the stolen data potentially including names, addresses and dates of birth, hackers could also gain access to your other online accounts if you are using any of this information for your passwords.
“If this is you, now is the time to give your passwords an overhaul – think of something unpredictable and different for every account.”
According to the retailer’s parent company, Dixons Carphone, the encrypted card data of up to 90,000 customers may also have been accessed in the hack, which is thought to have taken place in the last fortnight.
The “sophisticated” attack, which was discovered on Wednesday, affects the division which operates OneStopPhoneShop.com, e2save.com and Mobiles.co.uk – and also provides services to TalkTalk Mobile, Talk Mobile and iD Mobile customers.
In a statement, Dixons Carphone said it was aiming to contact all 2.4 million customers affected last night.
The group’s chief executive, Sebastian James, confirmed “additional security measures” have been put in place by the company.
He added: “We take the security of customer data extremely seriously, and we are very sorry people have been affected by the attack on our systems.”
A letter sent to customers of Mobiles.co.uk has recommended customers to notify banks and credit card companies that they have been affected by the hack, allowing them to monitor accounts for unusual activity.
It also advised consumers to check their credit rating to make sure no one has taken loans or credit in their name.
Meanwhile, the UK’s data watchdog, the Information Commissioner’s Office, has said it is “making inquiries” into the incident.
The Carphone Warehouse data breach is just the latest in a series of high-profile organisations to have the personal data of customers accessed by hackers.
Others that have been hit recently include Sony, Adult Friend Finder, Ashley Madison, eBay, and the US Office of Personnel Management.
Sky’s Technology Correspondent Tom Cheshire has said the growing number of cyberattacks could lead to a loss of confidence in the Internet.