Dixons Carphone disclosed it had been hit by one of the UK’s biggest data hacks, saying that nearly 6m credit card records were exposed in a cyber attack.  The seller of white goods, electronics and mobile phones said that in addition to the credit card records, hackers had gained access to personal data from more than 1m customers.

The group said the hack began last July but was discovered only in the past week.  Managers were unaware of the breach when they issued an unscheduled trading update on May 29.  Cyber experts said the hack could be the largest yet against a British company and it raised long-held concerns about the level of care taken by executives in storing sensitive customer data.

The National Cyber Security Centre — part of GCHQ, Britain’s intelligence and security service — is investigating the breach, alongside the National Crime Agency and the Information Commissioner’s Office.  The Financial Conduct Authority is also examining the attack.  It is the first major breach to be disclosed since the UK’s new data protection laws came into force last month.

Dixons said it had “no evidence that this information has left our systems or has resulted in any fraud at this stage”.   About 5.8m of the cards affected had chip-and-pin protection but 105,000 non-EU cards were also compromised, Dixons said.  Chip-and-pin cards liaise with payments terminals to create a unique transaction code meaning less information is stored by retailers.

Source:  Financial Times