Connect with us
Carphone Warehouse Fine Carphone Warehouse Fine

Companies

Carphone Warehouse Hit with £400k Fine

 2 min read / 

Carphone Warehouse has been hit with a hefty £400,000 fine from the UK’s data watchdog for security failings attached to a 2015 hack.

The cyber-attack affected three million customers, compromising personal data such as: names, addresses, dates of birth, phone numbers and marital status. More than 18,000 customers had historical payment card details compromised.

Employees of the British mobile phone retailer were also affected, with names, phone numbers, postcodes and car registration details being leaked.

The penalty is almost the £500,000 maximum the regulator can currently issue, showing the severity of the hack. The UK’s information commissioner Elizabeth Denham said: “A company as large, well-resourced, and established as Carphone Warehouse, should have been actively assessing its data security systems, and ensuring systems were robust and not vulnerable to such attacks.”

According to the Information Commissioner’s Office (ICO), the hackers used valid login details to access Carphone Warehouse’s system via outdated WordPress software. The security breach also exposed shortfalls in the company’s security measures, with out of date systems and failure to carry out routine security tests.

The ICO issued a similar penalty to TalkTalk in 2016 for a data breach the previous year affecting 157,000 customers.

By May 2018, the maximum fine that data protection regulators in the European Union can issue will increase significantly to £17m or 4% of a company’s annual turnover.

Sign up to Mogul News.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Send this to a friend