Skip to main content

Dixons Carphone hack exposes 5.9 million cards, 10 million accounts

Dixons Carphone underestimated data hack, now says 10 million affected

Prominent U.K. mobile technology retailer Dixons Carphone has been the victim of a massive data hack, in which payment details for 5.9 million customers were accessed illegally. The payment data was stored in the processing system of Currys PC World and Dixons Travel stores, the latter of which operates in airports. In addition to the payment details, Dixons Carphone initially said the names, addresses, and email addresses of 1.2 million people in the firm’s database had been accessed. In July, it then revised this number to 10 million.

The company says this information has not been used fraudulently, but is contacting affected customers nonetheless. Dixons Carphone said 5.8 million cards that were accessed were protected by chip-and-PIN payment protection, and the important card verification value number (CVV) printed on the back of payment cards was not stored, leaving the majority of customers free from immediate worry. However, the remaining 105,000 cards accessed in the hack were cards not issued in Europe and did not have chip-and-PIN protection. These cards were likely used at Dixons Travel stores by airport visitors, but Dixons Carphone says it hasn’t found evidence of fraud in these either.

Recommended Videos

Steps to avoid any payment fraud have already been taken by the group, and relevant card companies have been informed of the breach, helping to minimize the chances of further problems. After revealing the increase to 10 million accounts accessed, a Dixons Carphone representative told the BBC it is, “very sorry for any distress caused.”

The company has been investigating the breach since July 2017, indicating a considerable gap between discovering the security problem and the subsequent public announcement. The hack was discovered during a review of the firm’s systems and data, according to its statement on the matter, and it reassures customers the security holes have been closed and there has been no evidence of further snooping. It has subsequently said it is adding new security measures, and the investigation is helping to build a better picture of what happened, and has likely brought the increase in accounts accessed to light.

It’s not the first time the group has had security problems. In 2015 an attack on Carphone Warehouse left the details of 2.4 million customers exposed, along with the payment data of 90,000 people. It was subsequently fined 400,000 British pounds/$533,000 by the Information Commissioners Office (ICO) in 2018 — one of the largest fines it has issued. Retailer Dixons merged with Carphone Warehouse in 2014.

At the time, ICO commissioner Elizabeth Denham said: “A company as large, well-resourced, and established as Carphone Warehouse, should have been actively assessing its data security systems, and ensuring systems were robust and not vulnerable to such attacks.” We’d expect the agency to pay considerable attention to this second, more serious breakdown in security at the company.

Update on July 31: Added revised number of accounts accessed from 1.2 million to 10 million

Andy Boxall
Andy is a Senior Writer at Digital Trends, where he concentrates on mobile technology, a subject he has written about for…
Everything you need to know about the OnePlus 13
Official OnePlus 13 product renders showing rear panel colors.

OnePlus is an excellent brand that offers powerful flagship phones at a great value compared to some of its competitors. We followed every rumor about the OnePlus 13 for months, but now it's here — and it's everything we hoped for. It might not be available in the Western market yet, but it will be soon.

So, what makes the OnePlus 13 so special? Here's everything you need to know about OnePlus' latest flagship.
When is the OnePlus 13 being released?

Read more
Qualcomm Snapdragon 8 Elite vs. MediaTek Dimensity 9400: the race is on
Comparison of Qualcomm Snapdragon 8 Elite and MediaTek Dimensity 9400 processors.

The flagship mobile silicon race has entered its next phase, one that will dictate the trajectory of Android hardware heading into 2025. Merely weeks after MediaTek wowed us with the Dimensity 9400 system on a chip (SoC), Qualcomm also pulled a surprise with the reveal of the Snapdragon 8 Elite.

But this time around, the battle is not as straightforward. Where MediaTek is working closely with Arm and adopting its latest CPU and graphics innovations, Qualcomm has firmly put its faith in custom cores. These are no ordinary cores, but a next-gen iteration of the same fundamental tech stack that powers Windows on ARM laptops.

Read more
Discolored line on your new Kindle? You aren’t alone
Amazon Kindle Colorsoft Signature Edition on a table.

The new Kindle Colorsoft Signature Edition is the first full-color e-reader, and a lot of bookworms couldn't wait to get their hands on it. Sadly, many people are reporting the display has a discolored yellow area at the bottom of the screen. The problem is so widespread that the Kindle Colorsoft dropped to an average review rating of 2.6 out of 5, although it does remain the bestselling e-book reader at the moment.

The cause of the discoloration isn't clear. Some users report that it only happens when using the edge lighting feature on the Kindle, while others say it appeared after a software update. Either way, the yellowing is a problem, especially on a device that Amazon has marketed as being great for comics and graphic novel fans. It's hard to enjoy the colorwork in a comic when it's distorted.

Read more