You have probably seen the news this morning that Dixons Carphone has admitted a huge data breach involving 5.9 million payment cards and 1.2 million personal data records. It is investigating the hacking attempt, which began in July last year. Dixons Carphone said it had no evidence that any of the cards had been used fraudulently following the breach.
Some thoughts from Andrew Lloyd, president, Corero Network Security:
“This is not the first attack against the high street retailer – it was previously victim to one of the best-known DDoS attacks in 2015 and in January this year was fined £400k by the ICO after exposing the details of millions of its customers. With GDPR now in full force the timing could not be worse for Dixons Carphone.
“Whether this breach was caused by another DDoS or other cyber-attack, this disclosure should serve as a wake-up call to directors of every enterprise who are either in denial or are ignorant of the risks that they’re facing. The same old cyber-defences have been proven to be inadequate. The adoption of proactive, real-time defence solutions is critical to ensuring that enterprises are adequately protected, enabling them to stay open for business during a cyber-attack, minimising the risk of any data breach, resulting in regulatory fines and/or public confidence erosion.”