The news of the Dixons Carphone hack was massively delayed. The hack occurred in July 2017, yet news only broke of the scandal in June 2018.
A review of the company’s systems apparently took place with the arrival of new boss, Mr Baldock. But the hack happened almost year on from the news breaking, which simply isn’t good enough. How did the Dixons Carphone hack go unnoticed for almost a whole year? How can an organisation’s systems be so bad that it takes almost a year to break the news of a hack?
Dixons Carphone hack reporting delays must be explained
The reporting delays of the Dixons Carphone hack must be explained. It must not be a matter that’s allowed to be swept under the carpet and forgotten.
The details for some 5.9m credit and debit cards was breached in the Dixons Carphone hack, as was around 1.2m personal records. This is not a small hack; this may well be this year’s big data breach, sitting amongst others so far like the massive Ticketmaster data breach we’re representing victims for.
The reporting delays must be explained, and we look forward to answers soon.
Delays and naivety not uncommon
One thing that’s relevant to note is that the reporting delays witnessed in the massive Dixons Carphone hack is not uncommon; and neither is the naivety shown.
It took Equifax months to discover that their systems had been broken into, leaving some 700,000 UK victims of the data breach vulnerable. Because their systems were unable to identify the ongoing vulnerability that they were responsible for in the first place, we’re confident in the legal action we’re taking against them.
The Dixons Carphone hack situation draws several similarities to this regard.
The Ticketmaster data breach I referenced above is also another easy example. They were warned in April that their systems may have been breached, yet they only “discovered” the breach at the end of June this year.
How are these big organisations getting it so wrong, time and time again?
GDPR and the Dixons Carphone hack?
The issue as to whether GDPR will apply to the Dixons Carphone hack is uncertain. The data hack reportedly took place last year, which is prior to the change in the law, but news of the hack broke after the introduction of the new laws.
Will this mean that the UK’s data watchdog, the Information Commissioner’s Office (ICO), applies the new rules retrospectively? If they do, Dixons Carphone could become the first big name to be hit with the new powers the ICO has that can allow fines to run into the millions of pounds.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.