British electrical and telecommunications retailer Dixons Carphone has reported a major data breach during a review of its systems and data.
According to the retailer, the breach may have compromised 5.9 million cards in one of the processing systems of its Currys PC World and Dixons Travel stores.
Of the 5.9 million cards, 5.8 million have chip and pin protection and 105,000 non-EU issued cards do not have chip and pin protection.
The retailer has notified the relevant authorities, including the ICO, FCA, the police and payment card companies regarding the incident, enabling them to take appropriate measures to protect customers.
However, Dixons Carphone currently has no evidence of any fraudulent use of the data as a result of these incidents.
The company has launched an investigation with immediate effect and is working with cyber security experts to close off this access and take extra security measures.
Dixons Carphone chief executive Alex Baldock said: “We are extremely disappointed and sorry for any upset this may cause.
“The protection of our data has to be at the heart of our business, and we’ve fallen short here.
“We’ve taken action to close off this unauthorised access and, though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously.
“We are determined to put this right and are taking steps to do so.
“We promptly launched an investigation, engaged leading cyber security experts, added extra security measures to our systems and will be communicating directly with those affected.”
The company has also reported the breach of 1.2 million records containing non-financial personal data such as names, addresses or email addresses.
Dixons Carphone is currently contacting these customers to inform them, apologise and give them advice on required protective measures.