You’re not a CPW customer are you? How about TalkTalk?
Or any of these websites: OneStopPhoneShop.com, e2save.com and Mobiles.co.uk?
If so, then get on to your bank/credit card company ASAP.
- Notify them that you could be one of the affected so they can monitor your account.
- Request a new card if you’ve used them with the affected companies/websites.
- Change passwords to any online accounts you have with them, and anywhere else you use the same details.
- Be wary of anyone calling asking for personal information, bank details or passwords.
- Check with a credit reference agency to make sure no-one is applying for credit in your name.
Personal details of 2.4 million account holders, and 90,000 sets of credit card information are said to have been accessed. What makes this even worse is that Carphone Warehouse is supposed to have PCI DSS accreditation. In a nutshell this means that CPW have been certified as capable of storing your details securely to prevent them being obtained for fraudulent use.
This isn’t TalkTalk’s first faux pas this year either. In February their customers were being targeted by scammers using personal details stolen from their systems.
Unfortunately, the largest fine the Information Commissioner’s Office can hand out for this is £500,000. However, given the scale of the leak, and the potential false claims of compliance, this number could escalate rather rapidly with claims from banks as well.
As Dixons Carphone made £293 million in the last financial year, personally I’d like to see the ICO able to impose a fine of up to £50 per person in cases such as this. It might make it a little more of an incentive to keep your customers’ details secure.
In the interim, if you can’t change your mother’s maiden name, changing who you do business with might not be such a bad idea.