shutterstock-1086762179
Data Privacy and Security

News Roundup: Dixons Carphone are the first company to make a post-legislative disclosure

GDPR

I know the last thing anyone wants to talk about is GDPR, but judging by the amount of emails I received about it, the Dixons Carphone data breach was the biggest story of the week, so that’s what we’re opening with.

In July 2017, attackers gained access to the payment card details of a staggering 5.9 million customers alongside an additional 1.2 million records containing personal information such as names, addresses and email addresses.

Despite the criminals infiltrating the database 12 months ago, the company only disclosed the findings on Monday. It’s still unclear when they were alerted to the breach but it’s the first high-profile case since the GDPR came into force, which states “if the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, you must also inform those individuals without undue delay.”

Dixons Carphone CEO Alex Burdock told reporters that only details from 105,000 cards included in the breach would have the potential to be used fraudulently, as they belonged to individuals living outside the EU and lacked chip and pin protection. However, this might not be enough to stop the company receiving a €20million fine.

To continue reading...


PREVIOUS ARTICLE

« How Formula 1 evolved into a data-first sport on wheels

NEXT ARTICLE

5 blockchain use cases in Africa »
Charlotte Trueman

Charlotte is Staff Writer at IDG Connect

  • Mail

Recommended for You

How to (really) evaluate a developer's skillset

Adrian Bridgwater’s deconstruction & analysis of enterprise software

Unicorns are running free in the UK but Brexit poses a tough challenge

Trevor Clawson on the outlook for UK Tech startups

Cloudistics aims to trump Nutanix with 'superconvergence' play

Martin Veitch's inside track on today’s tech trends

Poll

Is your organization fully GDPR compliant?