Home / News / Mobile Phone News / Carphone Warehouse hack puts 2.4m customers at risk

Carphone Warehouse hack puts 2.4m customers at risk


carphone warehouse

Carphone Warehouse has suffered a massive cyber-attack that leaves millions of customers’ privacy at risk.

The hack, which took place on August 5, has been described as “sophisticated” by the company.

The smartphone retailer says that the personal details of up to 2.4 million Carphone Warehouse customers may have been accessed.

What’s more, 90,000 customers may have had their encrypted credit card details accessed, according to the BBC.

“We discovered that the IT systems of three of our online UK businesses had been subject to sophisticated cyber-attack,” explains Carphone Warehouse in a letter to customers.

The letter continues: “At this stage, our investigation indicates that some of the data held on our systems has been accessed and this may include some personal details, including customer name, address, date of birth, bank and encrypted card details.”

The three affected parts of the company are OneStopPhoneShop.com, e2save.com, and Mobiles.co.uk.

Carphone Warehouse also provides services to iD Mobile, TalkTalk Mobile, and Talk Mobile.

“We are, of course, informing anyone that may have been affected, and have put in place additional security measures,” says Sebastian James, chief executive at Dixons Carphone.

He adds: “We take the security of customer data extremely seriously, and we are very sorry that people have been affected by this attack on our systems.”

Related: Best Smartphones 2015

According to Carphone Warehouse, all customers who may have been affected by the attack should have received an e-mail with information and advice.

“If you have not received a communication from us regarding data security, your information should not be impacted and this message does not apply to you,” the company explains.

You can find the Carphone Warehouse FAQ on the hack by clicking on this link.

Have you received an e-mail from Carphone Warehouse or been affected by the breach? Let us know in the comments section below.


August 9, 2015, 8:11 am

I'll say it another million times. Our bank details / credit card info should never be stored on any kind of database unless absolutely necessary. It seems common practiise for companies to store our data for their own convenience and advertising. It''s not to protect the public. Most transactions can be taken from our card instantly and does not require to store our personal data.

One day you'll lose more than just your credit/debit details. Do not willy nilly give out your data and ask the damn companies do you delete my bank details after I have made payment. Demand for it. You can't trust them to keep you safe from hackers.


August 9, 2015, 8:35 am

I agree with you 100%.

Phil Smith

August 9, 2015, 2:02 pm

I don't think it would make any difference if the companies where asked to delete details or not, simply because whoever you may talk to on the phone will be just an operator taking calls, with no control over a system that will inevitably have been designed badly from the start :-(

Yep, they will tell you they will delete most of the details (they'd need to keep some so they know how to track you when the bill doesn't get paied etc.), but within 5 seconds of you ending the phone call, htat person won't remember one detail about you and will be away to the coffee machine lol.

It's really odd to me that when I went on college courses on data management in business, they made it all sound so technical so that no error could ever happen like this (I don't mean the hacking, I mean holding private details which should have been erased to MOD standard at least), yet I've not found one system that takes more than the very basics of security into consideration. In training, one error like wrong names/addresses was a course fail, but in real life, security is a farce :-D

Most banks automatically cover false/hacked purchases anyway if asked nicely, I guess they panic at the thought of losing customers that way ;-)

comments powered by Disqus