Is there any major retailer that won’t eventually announce a mass data breach? UK-based Carphone Warehouse is the latest to admit to a security violation.
As BBC News reports, up to 2.4 million customers’ personal details may have been accessed, while as many as 90,000 customers may have had their (encrypted) payment details stolen.
The OneStopPhoneShop.com, e2save.com and Mobiles.co.uk websites, operated by Carphone Warehouse, were the main victims of the breach, which hit a part of the company that also provides services to iD Mobile, TalkTalk Mobile, Talk Mobile and some Carphone Warehouse customers. The company is contacting affected customers.
It’s now commonplace for major security breaches to be announced at companies with big customer databases, and it’s impossible to say how many additional attacks are never revealed or never even detected.
Unless those who hold our data get more serious about protecting it, we’ll all be victims eventually. Tougher legislation should be a starting point for governments around the world. Earlier this year, for example, Barack Obama proposed a 30-limit by which US companies would need to have publicly acknowledged successful hack attacks on their servers.