Dixons Carphone says 2017 cyberattack was much bigger than it thought

The British electronics retailer revealed that 10 million records were accessed.

Sean Keane Former Senior Writer

Sean knows far too much about Marvel, DC and Star Wars, and poured this knowledge into recaps and explainers on CNET. He also worked on breaking news, with a passion for tech, video game and culture.

Expertise Culture, Video Games, Breaking News

See full bio

Sean Keane

July 31, 2018 3:28 a.m. PT

Carphone Warehouse store closures — Dixons Carphone says 10 million records containing personal data may have been impacted in a 2017 cyberattack.
Yui Mok - PA Images

Dixons Carphone admitted that a 2017 cyberattack may have affected 10 million records containing personal data, far more than its original estimate.

The UK electronics retailer's investigation into the security breach revealed that some of the data may have been taken from its systems, but doesn't think it contains payment card or bank account details, it said in a Tuesday press release.

In June, the company reported that the breach impacted 5.9 million payment cards and 1.2 million personal data records in one of the processing systems of Currys PC World and Dixons Travel stores.

It noted that there is no evidence of any fraud as a result of the attack, but it's keeping authorities updated and is contacting customers to suggest precautionary measures.

"Since our data security review uncovered last year's breach, we've been working around the clock to put it right. That's included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we're updating on today," Dixons Carphone CEO Alex Baldock said in a statement.

"I want to assure them that we remain fully committed to making their personal data safe with us."

Dixons Carphone didn't immediately respond to a request for further comment.