Carphone Warehouse has revealed that personal details of some 2.4 million customers were exposed in a security breach in the IT systems of one of their divisions. Names, addresses, dates of birth and bank details may have been nabbed, along with encrypted credit card data of up 90,000 customers.
The security breach occurred on August 5 in the division that operates the OneStopPhoneShop.com, e2save.com and Mobiles.co.uk websites, while providing services to Talk Mobile, TalkTalk Mobile, iD Mobile and certain Carphone Warehouse customers.
“Our investigation has indicated that personal data which may include name, address, date of birth and bank details of up to 2.4 million customers may have been accessed,” reads the press release. “Encrypted credit card data of up to 90,000 customers may also have been accessed.”
The company says an investigation is underway and additional security measures have been set in place to prevent further unauthorized access. Although no additional details as to the nature of the security breach were given, the company claims it’s closely working with a “leading cyber security firm to determine exactly what data was affected.”
An email informing potentially affected Carphone Warehouse customers of the security breach has been sent, along with some security tips that might help customers identify any fraudulent activity in their bank accounts.
“We take the security of customer data extremely seriously, and we are very sorry that people have been affected by this attack on our systems,” said Sebastian James, Group Chief Executive of Dixons Carphone. “We are, of course, informing anyone that may have been affected, and have put in place additional security measures.”
Because the security incident is allegedly limited to a single division, the vast majority of the Carphone Warehouse customer data is said to be safe and unaffected by the security breach.