Dixons Carphone says it has been the victim of an "unauthorised data access" in which millions of customer bank card details were targeted.
The retailer said there was a likely attempt to compromise millions of cards in a processing system for Currys PC World and Dixons Travel stores. "We have no evidence to date of any fraudulent use of the data as result of these incidents".
However the hackers were able to access the personal data records of 1.2 million customers, with details such as names, addresses and email addresses all leaked. It has informed police, regulators at the Information Commissioner's Office and the Financial Conduct Authority.
Getty Dixons Carphone data breach How many customers were affected by data breach
Chief executive Alex Baldock admitted the group had "fallen short" of its responsibility to protect customer data. Again, Dixons said there was no evidence that it had resulted in any fraud.
The hacking represents a further blow to the company following a series of profit warnings since last summer amid tough trading for its mobile phone arm.
Because the data breach dates back to past year it will be dealt with by the ICO under the powers of the Data Protection Act 1998 and not the European Union General Data Protection Regulation (GDPR) which went into effect on May 25.More news: Mix of Western, Asian dishes served at Trump-Kim summit during lunch
However around 105,000 of the accessed cards were non-EU issued, and lacked chip-and-PIN, and it says those cards have been compromised.
The company has launched an investigation into the incident and is said to be engaged with cyber security experts.
"While Dixons has said that there is no evidence of fraud taking place, now the data is in the criminal sphere, it's unlikely to be long before it starts being shopped around amongst criminals, with ensuing phishing and bruteforce attacks launched".More news: Karnataka CM Kumaraswamy rejects PM Modi’s fitness challenge, see his reply
'We are contacting those whose non-financial personal data was accessed to inform them, to apologise, and to give them advice on any protective steps they should take.
In a statement released this morning, the company said during a review of systems and data, it discovered that there has been "unauthorised access to certain data held by the company".
Others compared the Dixons Carphone breach to the compromise of United States retailer Target in arguing lessons have not been learned.More news: Virginia Primary Voter Guide
- David De Gea demands public apology from Spanish Prime Minister
- Justify wins Belmont to become 13th Triple Crown champion
- Nadal beats del Porto, advances to final
- Canada parliament slams US' Trudeau attack
- Tottenham's Toby Alderweireld says he could stay amid Manchester United links
- US, Mexico and Canada to host 2026 World Cup finals
- Selfie death as British tourist plunges off cliff in Portugal
- Olympic Skier Bode Miller's 19-Month-Old Daughter Dies After Pool Accident
- US, Mexico and Canada to host 2026 World Cup
- Dukes Of Hazzard star begins jail sentence