Home Legal News £500,000 data breach fine for Dixons Carphone

£500,000 data breach fine for Dixons Carphone

The parent company of Currys PC World has been fined £500,000 after the tills in its shops were compromised by a cyber-attack that affected at least 14 million customers.

Between July 2017 and April 2018, hackers were able to install malware onto 5,390 computer systems and tills located at Currys PC World and Dixon Travel outlets, both owned by DSG Retail Limited.

The software remained undetected over the nine month period, allowing hackers to collect a huge amount of data, including payment card details of 5.6 million people as well as personal information, exposing customers to identity and financial theft and fraud.

Following an investigation into the attack, the Information Commissioner’s Office (ICO) found systemic failures in the retailer’s management and protection of customer data.

The ICO held that the company had failed to maintain adequate security measures to protect its data, resulting in the maximum level of fine being imposed.

As the incident pre-dated the introduction the General Data Protection Regulation (GDPR) in May 2018, it was dealt with under the Data Protection Act 1998, which provided for a maximum fine of £500,000.

Had the GDPR applied, the level of financial penalty could have reached up to 4% of annual turnover, or £17 million.

Last year, the ICO also fined another DSG company, Carphone Warehouse, £400,000 for similar security vulnerabilities.

Lawble
Lawble is a leading legal resource aimed at supporting people and businesses alike by providing reliable information, legal resources and links to leading and reputable legal service providers.

Must Read

N244 Form (Where to Find & How to Complete!)

12 minute read Last updated: 13th August 2019 The N244 form is an application notice, used to apply for a court order in the...

Claiming Under the Sale of Goods Act (What You Should Do!)

5 minute read Last updated: 12 August 2019 Claiming under the Sale of Goods Act is the route a consumer should take if they...

Faulty Goods under Warranty (Your Consumer Rights!)

Where an item under warranty develops a fault, the path to remedying the situation may be as straightforward as claiming against your warranty but...

Nemo Dat Quod Non Habet

Nemo dat quod non habet, literally means "no one gives what he doesn't have". This is a legal rule, sometimes called the nemo dat...

Sale of Goods Act (Your Consumer Rights!)

The Sale of Goods Act 1979 states that all goods purchased or sold in the UK must be as described, of satisfactory quality and...