British mobile phone and electricals retailer Dixons Carphone (DC.L) has become the victim of a major cyber attack for the second time in three years after discovering unauthorised access to its payment card data.

Shares in Dixons Carphone, which issued a profit warning last month, fell as much as 6.4 percent on Wednesday, taking year-on-year losses to 37 percent.

“We have taken action to close off this access and have no evidence it is continuing. We have no evidence to date of any fraudulent use of the data as result of these incidents,” the company said.

It said an investigation, which started last week, indicated there was an attempt, going back to July last year, to compromise data on 5.9 million credit cards in one of the processing systems of Currys PC World and Dixons Travel stores.

It said 5.8 million of these cards had chip and pin protection and the data accessed contained neither pin codes, card verification values nor any authentication data that would enable cardholder identification or purchases to be made.

However, it said 105,000 non-EU issued payment cards which do not have chip and pin protection had been compromised.

Dixons Carphone said it had immediately notified the relevant card companies so that they could protect customers.

It said it had found no evidence of any fraud on these cards as a result of this incident.

The group said it had also found that 1.2 million records containing non-financial personal data, such as names, addresses or email addresses, had been accessed. It said there was no evidence of fraud here either.

Dixons Carphone informed Britain’s data protection regulator the Information Commissioner’s Office (ICO), as well as the Financial Conduct Authority (FCA) and the police.

The ICO said it was liaising with the National Cyber Security Centre, the FCA and other agencies to determine the impact on customers.

– By Jack Stubbs, Reuters, 13 June 2018.

Link to Reuters.

VIEW THE FULL ARTICLE