17 June 2018 - Janet Bird
National security experts are working with Dixons Carphone to investigate a cyber attack which led to a major data privacy breach.
The National Cyber Security Centre (NCSC) - an arm of GCHQ - has confirmed it is working alongside Dixons Carphone, the Information Commissioner's Office and the Financial Conduct Authority after it was discovered that nearly six million customers' bank card details had been illegally accessed, alongside 1.2 million personal data records.
The breach is believed to have occurred last July, but only came to light recently during a review of the retailer's systems.
While Dixons Carphone stressed the 5.8 million card details accessed are PIN-protected, it is believed access was also gained to 105,000 cards from outside of the EU without PIN protection. The personal data from 1.2 million customers that was accessed is reported to include names, addresses and email information.
The company insisted it had detected no attempts to defraud the leaked cards and said it had contacted the card companies involved, alongside the police and relevant authorities, immediately the breach was discovered.
If the current investigation reveals security failings on the part of Dixons Carphone, the retailer could face a fine of up to £500,000 from the Information Commissioner's Office.
The NCSC said anyone concerned about fraud or lost data should contact Action Fraud and also urged people to be vigilant about any suspicious activity in their bank accounts.