Dixons Carphone fined £500,000 after hackers harvested the credit card details of millions of customers
The data of 14m Dixons Carphone customers was compromised over a nine-month period between July 2017 and April 2018
Dixons Carphone has been fined £500,000 by the data watchdog after hackers harvested the card details and personal information of millions of customers.
The Information Commissioner’s Office said the data of 14m people was compromised over a nine-month period between July 2017 and April 2018, when the cyber-attack was finally detected.
Its probe found that malicious software called ‘malware’ was installed in 5,390 tills at the company’s Curry PC World and Dixons Travel stores.
This enabled the fraudsters to siphon off 5.6m payment card details of customers.
The group was lambasted for sloppy security arrangements and failing to protect customers’ data, meaning it fell foul of data protection laws.
Lapses included failing to update software to get rid of bugs and glitches and not carrying out proper security testing.
The regulator fined the firm £400,000 in January 2018 over a separate hack in 2016.