Slashdot Mirror

← Back to Stories (view on slashdot.org)

2.4 Million Customer's Records Stolen From Carphone Warehouse

Posted by timothy on from the maybe-they-were-just-borrowed dept.

AmiMoJo writes: The UK's data watchdog is "making inquiries" after Carphone Warehouse said the personal details of up to 2.4 million of its customers may have been accessed in a cyber-attack. Details taken include names, addresses and bank account details. Additionally, 90,000 people's "encrypted" credit card details were accessed, but there is no word on what type of encryption was used. Customers are advised to contact their banks (who I'm sure will be ready to handle 2.4 million phone calls), keep an eye on credit records and contact Action Fraud, the UK police's outsourced and rather useless fraud reporting centre that last month went bankrupt.

6 of 51 comments (clear)

  1. At Least... by sycodon · · Score: 2

    ...it's not something Paul Potts has to worry about.

    --
    When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
  2. ROT-13, twice by John+Bokma · · Score: 4, Funny

    "Additionally, 90,000 people's "encrypted" credit card details were accessed, but there is no word on what type of encryption was used" Wouldn't surprise me if it was ROT-13, applied twice for twice the security :-(.

    --

    Perl Programmer for hire
    1. Re:ROT-13, twice by houghi · · Score: 2, Interesting

      Not sure if they even are allowed to give any information to the banks. There are serious restrictions on what can and what can not be done due to privacy laws in Europe.

      I know that where I am, we would NOT be allowed to inform the banks of our customers doing, besides; well, nothing.
      We could send a general message to them, but that is where it stops and I assume that has been done.

      And the bank can not take action because of a third part who says something. Also due to privacy reasons.

      Otherwise any disgrunteld person could call and say whatever about my account. So even though it sounds stupid that people must solve this themseves, it is not.

      What might even happen is that they send the info of the breach to the bank and then the bank can contact the customer, if they want to. However the official stand would ALWAYS be "have an issue with you bank? Contact your bank." In no way can one company take action in name of another.

      And what about the saved Credit Card information? This is most likely due to the fact that people want to have their monthly payments done by Credit Card.

      --
      Don't fight for your country, if your country does not fight for you.
  3. Re:Carphone? by AmiMoJo · · Score: 2

    It's an old name, they don't actually see carphones any more, only normal mobile phones (and some really shitty hands-free kits for your car). They actually had the good sense to keep their name, despite it being outdated.

    Brand management idiots will often recommend rebranded, but it's almost always suicide. Coco-Pops became something forgettable and then had to change back. Royal Mail became Consignia and then had to change back. People recognize Carphone Warehouse now, despite it not selling carphones or being a warehouse.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  4. Re:Carphone? by Xiaran · · Score: 2

    You forgot the geek one. Borland -> Inspire. One of the most recognised names in the software industry and they change it to one of the worst.

  5. Re:The worst part about this breach by nitehawk214 · · Score: 2, Funny

    Its just a brand name .. they sell mobile phones. They kept the name because apparently it hasd brand value

    Brand value? So they are also idiots in marketing as well as security.

    --
    I'm a good cook. I'm a fantastic eater. - Steven Brust