The National Cyber Security Centre has issued advice to anyone who may have been affected by the Dixons Carphone data breach - please see a copy of their advice below.
You are very welcome to share this message with your contacts.
On 13 June 2018, Dixons Carphone plc announced that a review of their systems and data had shown unauthorised access to certain data held by the company.
Dixons Carphone has reported that 1.2m records containing non-financial personal data, such as name, address or email address, have also been accessed. There was also an attempt to compromise 5.9m credit and debit cards. Further details can be found in the Dixons Carphone statement.
Attackers who have the stolen personal data may use it to approach customers, and trick them into revealing further personal information that attackers can use to harm you (for example, your banking login details).
The National Crime Agency (NCA) is now leading the UK law enforcement response to the data breach, with specialist officers from the National Cyber Crime Unit (NCCU) working with the company to secure evidence. Due to the complexity of these enquiries, the investigation will take some time.
What should I do?
Read through the NCSC advice below and take any appropriate steps.
Anyone concerned about fraud or lost data should contact Action Fraud. Action Fraud’s online fraud reporting tool any time of the day or night, or call 0300 123 2040. For further information visit www.actionfraud.police.uk.
We also recommend that people are vigilant against any suspicious activity on their bank accounts and contact their financial provider if they have concerns.
NCSC advice to customers
Monitor your financial accounts online or through statements for strange activity, such as transactions you do not recognise. If you do find something suspicious, report it immediately to your provider or Action Fraud.
Be particularly wary of unsolicited emails, phone calls or SMS messages asking you to disclose further personal details eg login information – especially if they claim to come from your bank/credit card provider. Such scams can be very convincing, and attackers may use your personal data to make them look even more realistic.
Genuine financial institutions will not ask you to reply to an email with personal information, or details about your account. If you contact them, use a phone number/email address you have looked up yourself, rather than one sent to you in the email – it may be false. For further information, look at NCSC guidance on the phishing threat following data breaches.
If you spot a suspicious email, report it to your chosen email provider. Report suspicious phone calls or SMS messages to Action Fraud.
You can check your credit rating quickly and easily online. You should do this every few months anyway, using a reputable service provider and following up on any unexpected or suspicious results.
** Follow @LeicsCyberAware on Twitter for regular advice and guidance on all things Cyber & Fraud **