Today, UK-based mobile retailer Carphone Warehouse shared with its customers that it had been the subject of a “sophisticated” cyber attack, potentially laying bare the personal details of 2.4M of its customers.
If that wasn’t bad enough, credit card information for upwards of 90,000 of those customers might be running out and about, too.
The company found out about the attack last week, which affected its arm that runs the sites: OneStopPhoneShop.com, e2save.com and Mobiles.co.uk. The names, addresses and worst of all, bank details, “may” have been accessed. Which means it was, especially since the “attack” “may” have lasted for nearly two weeks.
In a statement, its CEO Sebastian James said:
We take the security of customer data extremely seriously, and we are very sorry that people have been affected by this attack on our systems. We are, of course, informing anyone that may have been affected, and have put in place additional security measures.
I swear, it’s almost a rule in communications and PR to start out every security-related statement with “we take the security of our blah blah very seriously.” No shit. We would hope so. Alas, this happens anyways. The really difficult part for the customers (remember, the ones who really matter) is that they can’t reach their banks to report this until the weekend is over. Ugh.
Moral of the story? Change your passwords often and trust next to no one with your data.