Shares in the owner of Carphone Warehouse fell today after it revealed that the personal details of up to 2.4 million people may have been stolen when a division of the company was hit by a cyber attack.
Dixons Carphone saw its stock fall nearly 2% in early trading after the group, which also owns the Dixons electrical retail chain, revealed details of the attack on Saturday. Later, the shares were just over 1% lower.
Telecoms group TalkTalk, which also said some of its customers were affected by the incident, saw its shares fall by nearly 1%, though they later recovered to around their opening level.
Carphone Warehouse said the “sophisticated cyber attack” was stopped “straight away” after its own systems discovered it on Wednesday afternoon.
Asked when the data breach began, a spokesman replied: “The evidence indicates within the last two weeks (before Wednesday).”
A spokesman for the independent Information Commissioner’s Office, which examines data breaches, said: “We have been made aware of an incident at Carphone Warehouse and are making inquiries.”
Carphone Warehouse has warned the encrypted credit-card information of up to 90,000 people may have been accessed during the attack.
An investigation carried out by the company found that names, addresses, dates of birth and bank details of customers could also have been accessed.
A spokesman for the retailer said additional security measures have since been put in place.
The affected division of Carphone Warehouse operates the websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk, and provides services to iD Mobile, TalkTalk Mobile, Talk Mobile and some Carphone Warehouse customers.
Many customers were angry that they were not told sooner about the attack.
One user, tenkodragon, wrote: ’“Really annoyed and disappointed that I learned about CarphoneWarehouse customer details hack via news; no contact from company”.
Sebastian James, chief executive of Dixons Carphone, apologised for the incident.
Mr James said: ”We take the security of customer data extremely seriously and we are very sorry that people have been affected by this attack on our systems.
”We are, of course, informing anyone that may have been affected and have put in place additional security measures.”
A spokesman for TalkTalk said: “We understand that the personal data of our mobile customers may have been accessed during the attack.
“We take the security of all customer data extremely seriously and whilst we work with Carphone Warehouse to investigate this incident and establish the extent of the attack, customers are advised to look out for any suspicious online or account activity.”