Dixons Carphone says it has been the victim of an "unauthorised data access" in which millions of customer bank card details were targeted.
The retailer said there was a likely attempt to compromise millions of cards in a processing system for Currys PC World and Dixons Travel stores. "We have no evidence to date of any fraudulent use of the data as result of these incidents".
However the hackers were able to access the personal data records of 1.2 million customers, with details such as names, addresses and email addresses all leaked. It has informed police, regulators at the Information Commissioner's Office and the Financial Conduct Authority.
Getty Dixons Carphone data breach How many customers were affected by data breach
Chief executive Alex Baldock admitted the group had "fallen short" of its responsibility to protect customer data. Again, Dixons said there was no evidence that it had resulted in any fraud.
The hacking represents a further blow to the company following a series of profit warnings since last summer amid tough trading for its mobile phone arm.
Because the data breach dates back to past year it will be dealt with by the ICO under the powers of the Data Protection Act 1998 and not the European Union General Data Protection Regulation (GDPR) which went into effect on May 25.More news: French farmers block refineries, fuel depots over palm oil imports
However around 105,000 of the accessed cards were non-EU issued, and lacked chip-and-PIN, and it says those cards have been compromised.
The company has launched an investigation into the incident and is said to be engaged with cyber security experts.
"While Dixons has said that there is no evidence of fraud taking place, now the data is in the criminal sphere, it's unlikely to be long before it starts being shopped around amongst criminals, with ensuing phishing and bruteforce attacks launched".More news: 'Wonder Woman 2' Director Confirms Chris Pine's Return With New Image
'We are contacting those whose non-financial personal data was accessed to inform them, to apologise, and to give them advice on any protective steps they should take.
In a statement released this morning, the company said during a review of systems and data, it discovered that there has been "unauthorised access to certain data held by the company".
Others compared the Dixons Carphone breach to the compromise of United States retailer Target in arguing lessons have not been learned.More news: Arsenal willing to meet £26m asking price for midfielder
- IL officer saves 1-year-old seen running on highway
- North Korea Summit: Best Donald Trump & Kim Jong-un Memes
- Arsenal, Liverpool Target Thomas Lemar Agrees to Join Atletico Madrid
- Greece and Macedonia reach deal to end decades-old name dispute
- Karnataka CM Kumaraswamy rejects PM Modi’s fitness challenge, see his reply
- Salah remains a doubt for match against Uruguay-Egyptian FA
- Nadal beats del Porto, advances to final
- Aeon Flux returning to MTV as live-action series
- David De Gea demands public apology from Spanish Prime Minister
- Mix of Western, Asian dishes served at Trump-Kim summit during lunch