Carphone Warehouse fined £400,000 over data breach

Popular News Tags (5599)

  • Carphone Warehouse has been hit with a £400,000 fine after one of the company’s computer systems was compromised as a result of a cyber-attack back in 2015, affecting millions of people’s data.

    The Information Commissioner’s Office, which is responsible for enforcing data protection rules, said Carphone Warehouse’s failure to secure its systems allowed hackers to gain access to names, address, phone numbers, dates of birth, marital status and, for more than 18,000 customers, historical payment card details.

    In a statement commenting on the penalty, the UK’s information commissioner Elizabeth Denham said, “A company as large, well-resourced, and established as Carphone Warehouse, should have been actively assessing its data security systems, and ensuring systems were robust and not vulnerable to such attacks.

    Carphone Warehouse should be at the top of its game when it comes to cyber-security, and it is concerning that the systemic failures we found related to rudimentary, commonplace measures.”

    The ICO said it found “multiple inadequacies” in Carphone Warehouse’s data security practices and that the company had “failed to take adequate steps” in protecting customer information, failing to update important software.

    A Carphone Warehouse spokesperson provided the following response statement, “We accept today’s decision by the ICO and have co-operated fully throughout its investigation into the illegal cyberattack on a specific system within one of Carphone Warehouse’s UK divisions in 2015.

    As the ICO notes in its report, we moved quickly at the time to secure our systems, to put in place additional security measures and to inform the ICO and potentially affected customers and colleagues. The ICO noted that there was no evidence of any individual data having been used by third parties.

    Since the attack in 2015 we have worked extensively with cyber security experts to improve and upgrade our security systems and processes.

    We are very sorry for any distress or inconvenience the incident may have caused.”

Share this story

Recommended News

Northern Ireland News

All Northern Ireland News

Trending News

All Trending News

Innovation News

All Innovation News

World News

All World News