Dixons Carphone has said its data breach last year saw around 10 million records containing personal data accessed - far more than it first reported.
In June the company said that 5.9 million customer bank card details and 1.2 million personal data records had been hacked, as we reported in our MSE News story.
But it has today said it has now identified that approximately 10 million records containing personal data may have been accessed in 2017.
It says the records do not contain payment card or bank account details and there is no evidence there has been any fraud as a result.
Dixons Carphone says it will be contacting all of its customers to apologise and advise them of steps to minimise the risk of fraud.
See 30+ Ways to Stop Scams for ways to protect yourself online.
What should I do?
Dixons Carphone says there has been no evidence of fraud as a result of the hack, but there are a few general tips below if you're worried:
- Regularly check your accounts. Dixons Carphone now says that the records do not include payment card or bank account details. Regardless of this, it's good practice to regularly keep an eye on your bank accounts and credit card statements. If you spot anything unusual contact your provider immediately.
- Watch out for scams. Be alert and watch out for potential scam emails or calls - don't simply assume they are genuine even if they look believable.
- Look out for guidance from Dixons. Dixons Carphone says it will be contacting all of its customers to apologise and advise them of steps to minimise the risk of fraud.
What does Dixons Carphone say?
Dixons Carphone chief executive Alex Baldock said: "Since our data security review uncovered last year’s breach, we’ve been working around the clock to put it right. That’s included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we’re updating on today.
"As a precaution, we’re now also contacting all our customers to apologise and advise on the steps they can take to protect themselves.
"Again, we’re disappointed in having fallen short here, and very sorry for any distress we’ve caused our customers. I want to assure them that we remain fully committed to making their personal data safe with us.”