Dixons Carphone is guilty of systemic data protection failures

Share on facebook
Share on twitter
Share on linkedin

The Information Commissioner’s Office (ICO) has fined Dixons Carphone half a million pounds for “systemic failures” in the way it safeguarded its customers’ personal data. In this data breach case, a hacker installed malware on 5,390 cash registers at Dixons Travel stores and Currys PC World between July 2017 and April 2018. This allowed the attacker to access the personal data of customers. This information included full names, postcodes, email addresses and failed credit checks.

Following an investigation into the breach, the ICO uncovered:

  • Systemic failures in the way DSG Retail Limited safeguarded personal data.
  • Failures relating to basic, commonplace security measures.
  • Vulnerabilities such as inadequate software patching, absence of a local firewall, and lack of network segregation and routine security testing.
  • A complete disregard for the customers whose personal information was stolen.

But, while the ICO’s fine is significant (although not as big as it could have been under more recent data protection legislation), victims of the Dixons Carphone data breach will not get a penny. Because, while the ICO has the power to issue fines to organisations that breach the Data Protection Act, it does not have any authority when it comes to compensating victims.

Why can you do if Dixons Carphone breached your data?

In this shocking data privacy failure, 14 million customers had their personal data records exposed. Dixons Carphone also discovered a separate attempt which compromised the records of 5.9 million payments cards. Everyone who was impacted by the breach should have been contacted by the national retailer and can now make a data breach compensation claim.

The ICO fine is good news for victims of the data breach

Because the ICO found Dixons Carphone guilty of failing to protect your data, you can use this evidence to support a data breach compensation claim. This is important because:

  • This data breach left customers vulnerable to financial theft and identity fraud.
  • The careless loss of data is likely to have caused distress to many people since the data breach left them exposed to increased risk of fraud.
  • This is not the first time the company has failed to protect its customers’ data. In fact, there is a history of data negligence at the company. It is essential to hold Dixons Carphone to account if data security is to improve.

You do not need to have suffered any financial loss or emotional distress to make a claim. If you have suffered a privacy violation caused by an organisation breaching any part of the Data Protection Act, you have a right to claim compensation.

Making a Dixons Carphone data breach compensation claim

At Keller Lenkner UK, many of our clients are concerned that their information is at the mercy of cybercriminals following the Dixons Carphone data breach.

In response, and in light of the ICO’s findings, we have launched a group action to help people claim Dixons Carphone breach compensation.

Why use Keller Lenkner UK?

To become part of this group action, we need you to register with us. We can take on your claim on a no-win, no-fee basis so you have nothing to lose.

Register to become part of our Dixons Data Breach group action. 

Share this article:

Share on facebook
Share on twitter
Share on linkedin