Home News Forum Articles
  Welcome back Join CF
You are here You are here: Home | Forum | Dixons Carphone data breach

You are currently viewing our boards as a guest which gives you limited access to view most of the discussions, articles and other free features. By joining our Virgin Media community you will have full access to all discussions, be able to view and post threads, communicate privately with other members (PM), respond to polls, upload your own images/photos, and access many other special features. Registration is fast, simple and absolutely free so please join our community today.


Welcome to Cable Forum
Go Back   Cable Forum > General Discussion > Current Affairs

Dixons Carphone data breach
Reply
 
Thread Tools
Old 13-06-2018, 08:51   #1
Hugh
laeva recumbens anguis
Cable Forum Team
 
Hugh's Avatar
 
Join Date: Jun 2006
Age: 67
Services: Premiere Collection
Posts: 42,039
Hugh has a golden auraHugh has a golden aura
Hugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden aura
Dixons Carphone data breach

Just been mentioned on BBC TV news that Dixons Carphone have announced they have had a data breach, with up to 6 million payment card details taken.

Link to follow when more info is available.

Update- apparently two separate incidents in the last year in "data hacks".

1st - 6 million card details taken

2nd - 1 million personal details (name and address, etc) taken.

https://www.bbc.co.uk/news/business-44465331
Quote:
Dixons Carphone has admitted a huge data breach involving 5.9 million payment cards and 1.2 million personal data records.

It has begun investigating the hacking attempt, which it said happened in the past year.

Dixons Carphone said it had no evidence that any of the cards had been used fraudulently following the breach.

It said 5.8 million of the credit and debit cards had chip-and-pin protection and that pin codes had not leaked.

As a result, about 105,000 non-EU cards, which were not chip-and-pin, had been compromised, it said.

The hackers had tried to gain access to one of the processing systems of Currys PC World and Dixons Travel stores, the firm said.

Dixons Carphone chief executive Alex Baldock said it was "extremely disappointed" by the data breach and "sorry for any upset",

"The protection of our data has to be at the heart of our business, and we've fallen short here.

"We've taken action to close off this unauthorised access and though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously," he added.
__________________
There is always light.
If only we’re brave enough to see it.
If only we’re brave enough to be it
.
If my post is in bold and this colour, it's a Moderator Request.

Last edited by Hugh; 13-06-2018 at 09:10.
Hugh is online now   Reply With Quote
Advertisement
Old 13-06-2018, 09:05   #2
denphone
Still alive and fighting
 
denphone's Avatar
 
Join Date: Jun 2007
Location: In the land of beyond and beyond.
Services: XL BB, 3 360 boxes , XL TV.
Posts: 56,296
denphone has a golden auradenphone has a golden aura
denphone has a golden auradenphone has a golden auradenphone has a golden auradenphone has a golden auradenphone has a golden auradenphone has a golden auradenphone has a golden auradenphone has a golden auradenphone has a golden auradenphone has a golden aura
Re: Carphone Warehouse data breach

So much for all the big promises of our data being securely protected.
__________________
“The only lesson you can learn from history is that it repeats itself”
denphone is offline   Reply With Quote
Old 13-06-2018, 09:28   #3
OLD BOY
Rise above the players
 
Join Date: Mar 2008
Location: Wokingham
Services: 2 V6 boxes with 360 software, Now, ITVX, Amazon, Netflix, Lionsgate+, Apple+, Disney+, Paramount +,
Posts: 14,568
OLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronze
OLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronze
Re: Carphone Warehouse data breach

Quote:
Originally Posted by denphone View Post
So much for all the big promises of our data being securely protected.
Well, the highly bureaucratic GDPR only came into force last month, Den.

---------- Post added at 08:28 ---------- Previous post was at 08:20 ----------

Quote:
Originally Posted by Hugh View Post
Just been mentioned on BBC TV news that Dixons Carphone have announced they have had a data breach, with up to 6 million payment card details taken.

Link to follow when more info is available.

Update- apparently two separate incidents in the last year in "data hacks".

1st - 6 million card details taken

2nd - 1 million personal details (name and address, etc) taken.

https://www.bbc.co.uk/news/business-44465331
I bought a phone from them a few years ago and later that same day I had someone contact me alleging they were from Carphone Warehouse saying that they had a better deal on the insurance than I had been offered. They made a point of telling me what phone I had bought (they said this several times) and read out to me some of my personal details, all designed to reassure me they were who they said they were. Then they asked for my date of birth and my mother's maiden name, at which point the strangeness of the whole conversation dawned on me. It was clearly a scam and I terminated the call.

The fact that these people had all these details about my purchase indicated to me that this was an inside job, although it could have been a hack. I was unnerved enough by this experience to vow never to use them again, and I have used Virgin Mobile ever since.

My point in relating this is I think Carphone Warehouse may have had security issues for some years and the problem is worse than it would first appear.
OLD BOY is offline   Reply With Quote
Old 13-06-2018, 10:29   #4
Mythica
cf.geek
 
Join Date: Dec 2013
Posts: 956
Mythica has reached the bronze age
Mythica has reached the bronze ageMythica has reached the bronze age
Re: Carphone Warehouse data breach

Quote:
Originally Posted by OLD BOY View Post
Well, the highly bureaucratic GDPR only came into force last month, Den.

---------- Post added at 08:28 ---------- Previous post was at 08:20 ----------



I bought a phone from them a few years ago and later that same day I had someone contact me alleging they were from Carphone Warehouse saying that they had a better deal on the insurance than I had been offered. They made a point of telling me what phone I had bought (they said this several times) and read out to me some of my personal details, all designed to reassure me they were who they said they were. Then they asked for my date of birth and my mother's maiden name, at which point the strangeness of the whole conversation dawned on me. It was clearly a scam and I terminated the call.

The fact that these people had all these details about my purchase indicated to me that this was an inside job, although it could have been a hack. I was unnerved enough by this experience to vow never to use them again, and I have used Virgin Mobile ever since.

My point in relating this is I think Carphone Warehouse may have had security issues for some years and the problem is worse than it would first appear.
It was likely not a scam and some part of CPW offering deals.
Mythica is offline   Reply With Quote
Old 14-06-2018, 17:46   #5
OLD BOY
Rise above the players
 
Join Date: Mar 2008
Location: Wokingham
Services: 2 V6 boxes with 360 software, Now, ITVX, Amazon, Netflix, Lionsgate+, Apple+, Disney+, Paramount +,
Posts: 14,568
OLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronze
OLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronze
Re: Carphone Warehouse data breach

Quote:
Originally Posted by Mythica View Post
It was likely not a scam and some part of CPW offering deals.
Asking for my date of birth and mother's maiden name? I don't think so!
OLD BOY is offline   Reply With Quote
Old 14-06-2018, 20:24   #6
Mythica
cf.geek
 
Join Date: Dec 2013
Posts: 956
Mythica has reached the bronze age
Mythica has reached the bronze ageMythica has reached the bronze age
Re: Carphone Warehouse data breach

Quote:
Originally Posted by OLD BOY View Post
Asking for my date of birth and mother's maiden name? I don't think so!
You'd be surprised.
Mythica is offline   Reply With Quote
Old 14-06-2018, 21:08   #7
Chloé Palmas
Inactive
 
Join Date: May 2018
Location: Surrey
Services: Sky HD (2 TB / 1.5 TB MultiRoom) Sky Fiber Max
Posts: 510
Chloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation era
Re: Dixons Carphone data breach

Usually most companies do ask for some verification that it is you - did their number show that it was CWH or was it private / unknown?

You could have told them that you were going to call back their automated service and get through to them with verification that you dialed the correct number for them.

Though it is a pain going through it from scratch - some places are an absolute pain and it takes forever to get through.
Chloé Palmas is offline   Reply With Quote
Old 15-06-2018, 00:47   #8
OLD BOY
Rise above the players
 
Join Date: Mar 2008
Location: Wokingham
Services: 2 V6 boxes with 360 software, Now, ITVX, Amazon, Netflix, Lionsgate+, Apple+, Disney+, Paramount +,
Posts: 14,568
OLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronze
OLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronze
Re: Dixons Carphone data breach

Quote:
Originally Posted by Chloé Palmas View Post
Usually most companies do ask for some verification that it is you - did their number show that it was CWH or was it private / unknown?

You could have told them that you were going to call back their automated service and get through to them with verification that you dialed the correct number for them.

Though it is a pain going through it from scratch - some places are an absolute pain and it takes forever to get through.
You NEVER give your date of birth and mother's maiden name when you get an unsolicited call, for heaven's sake! How long does it take to get that message through?
OLD BOY is offline   Reply With Quote
Old 15-06-2018, 01:16   #9
Chloé Palmas
Inactive
 
Join Date: May 2018
Location: Surrey
Services: Sky HD (2 TB / 1.5 TB MultiRoom) Sky Fiber Max
Posts: 510
Chloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation era
Re: Dixons Carphone data breach

Which part of "you could call them back on a verified line" to make sure that it was them did you not get?

Also, if they ask for no verification then it is likely not a legitimate call, either. For all they know, they could be talking to anyone.
Chloé Palmas is offline   Reply With Quote
Old 16-06-2018, 14:50   #10
OLD BOY
Rise above the players
 
Join Date: Mar 2008
Location: Wokingham
Services: 2 V6 boxes with 360 software, Now, ITVX, Amazon, Netflix, Lionsgate+, Apple+, Disney+, Paramount +,
Posts: 14,568
OLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronze
OLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronze
Re: Dixons Carphone data breach

Quote:
Originally Posted by Chloé Palmas View Post
Which part of "you could call them back on a verified line" to make sure that it was them did you not get?

Also, if they ask for no verification then it is likely not a legitimate call, either. For all they know, they could be talking to anyone.
There was no point. It was clearly a scam. The request for my date of birth and mother's maiden name was a dead giveaway. No reputable company would cold call you and ask for that information.
OLD BOY is offline   Reply With Quote
Old 16-06-2018, 14:58   #11
Mr K
Woke and proud !
 
Mr K's Avatar
 
Join Date: Jun 2004
Services: TV, Phone, BB, a wife
Posts: 9,106
Mr K has a nice shiny star
Mr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny starMr K has a nice shiny star
Re: Dixons Carphone data breach

Quote:
Originally Posted by Chloé Palmas View Post
Which part of "you could call them back on a verified line" to make sure that it was them did you not get?

Also, if they ask for no verification then it is likely not a legitimate call, either. For all they know, they could be talking to anyone.
And if they don't hang up, you could get through to exactly same scam people. Don't answer the phone is my advice, it's usually the Mother-in-law anyway.
Caller ID will made free to everyone this year which will help.
Mr K is offline   Reply With Quote
Old 16-06-2018, 16:50   #12
heero_yuy
Perfect Soldier
 
heero_yuy's Avatar
 
Join Date: Mar 2009
Location: Worthing West Sussex
Age: 66
Services: VM 500M SH3 thingy in modem mode XL TV V6 Sony Bravia smart TV and M phone
Posts: 10,966
heero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered stars
heero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered starsheero_yuy is seeing silvered stars
Re: Dixons Carphone data breach

Quote:
Quote from Mr K:

And if they don't hang up, you could get through to exactly same scam people.
IIRC that's going to change shortly and the caller will only be able to hold the line for a second or two after the recipient hangs up. This is specifically to stop that scam.
__________________
History is much like an endless waltz: The three beats of war, peace and revolution continue on forever.
However history will change with my coronation - Mariemaia Khushrenada
heero_yuy is online now   Reply With Quote
Old 16-06-2018, 20:06   #13
Mythica
cf.geek
 
Join Date: Dec 2013
Posts: 956
Mythica has reached the bronze age
Mythica has reached the bronze ageMythica has reached the bronze age
Re: Dixons Carphone data breach

Quote:
Originally Posted by OLD BOY View Post
There was no point. It was clearly a scam. The request for my date of birth and mother's maiden name was a dead giveaway. No reputable company would cold call you and ask for that information.
The best thing to do is Google the number. There will be plenty of people saying scam, scam, scam. If you carry on reading you'll then find it was some kind of company in partnership or something similar with the likes of EE or Carphone Warehouse trying to sell upgrades or insurance.
Mythica is offline   Reply With Quote
Old 17-06-2018, 17:45   #14
OLD BOY
Rise above the players
 
Join Date: Mar 2008
Location: Wokingham
Services: 2 V6 boxes with 360 software, Now, ITVX, Amazon, Netflix, Lionsgate+, Apple+, Disney+, Paramount +,
Posts: 14,568
OLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronze
OLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronzeOLD BOY is cast in bronze
Re: Dixons Carphone data breach

Quote:
Originally Posted by Mythica View Post
The best thing to do is Google the number. There will be plenty of people saying scam, scam, scam. If you carry on reading you'll then find it was some kind of company in partnership or something similar with the likes of EE or Carphone Warehouse trying to sell upgrades or insurance.
Mythica, they would never ask for your mother's maiden name if it wasn't a scam, that was my point.
OLD BOY is offline   Reply With Quote
Old 24-06-2018, 16:45   #15
Chloé Palmas
Inactive
 
Join Date: May 2018
Location: Surrey
Services: Sky HD (2 TB / 1.5 TB MultiRoom) Sky Fiber Max
Posts: 510
Chloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation eraChloé Palmas has entered a golden reputation era
Re: Dixons Carphone data breach

If they ask "for security, can you please confirm..." and the question is "your mother's maiden name?" they absolutely do use that line of questioning for other companies. If it is the security question then you absolutely can and would be asked that, irrespective of company.

Now there are questions that I have set (involving lingerie for example) that only I would know that I only ever set - if they ask that they either have hacked into the central system of the company that I either set it with, or they are who they claim to be.

If they preface it with "the reason we need to talk to you" and I know that to be legitimate and they also say "but first we need to verify security" and I can tell that it is a legitimate number they are calling for it is entirely likely that it is a legitimate call and not a scam. But those variables will be down to you to figure out at the time. If you can think on your feet, you should be fine.
Chloé Palmas is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 10:38.


Server: osmium.zmnt.uk
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.