• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Curries / PC World data breach

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    Curries / PC World data breach

    Got this in the inbox this morning:

    Dear Customer

    On June 13, we began to contact a number of our customers as a precaution after we found that some of our security systems had been accessed in the past using sophisticated malware.

    We promptly launched an investigation. Since then we have been putting further security measures in place to safeguard customer information, increased our investment in cyber security and added additional controls. In all of this we have been working intensively with leading cyber security experts.

    Our investigation, which is now nearing completion, has identified that approximately 10 million records containing personal data may have been accessed in 2017. This unauthorised access to data may include personal information such as name, address, phone number, date of birth and email address.

    While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and we have no confirmed instances of customers falling victim to fraud as a result. We are continuing to keep the relevant authorities updated.

    As a precaution, we are letting our customers know to apologise and advise them of protective steps to take to minimise the risk of fraud. These include:
    If you receive an unsolicited email, letter, text or phone call asking for personal information, never reveal any full passwords, login details or account numbers until you are certain of the identity of the person making the request. Please do not click on any links you do not recognise.
    If you think you have been a victim of fraud you should report it to Action Fraud, the UK’s national fraud and internet crime reporting centre, on 0300 123 2040*.
    We also recommend that people are vigilant against any suspicious activity on their bank accounts and contact their financial provider if they have concerns.
    You can find more information here

    We take the security of your data extremely seriously and have previously announced that we have taken action to close off this access and have no evidence it is continuing. Nevertheless, we felt it was important to let customers know as soon as possible.

    We continue to make improvements and investments to our security systems and we’ve been working round the clock to put this right. We’re extremely sorry about what has happened – we’ve fallen short here. We want to reassure you that we are fully committed to protecting your data so that you can be confident that it is safe with us.

    Yours sincerely,

    Antreas Athanassopoulos
    Dixons Carphone Chief Customer Officer

    #2
    put your email address(es) into www.haveibeenpwned.com and see if your details have come up in any breaches.

    I have an alert configured on all the domains I own so I get notified as soon as my details are found

    Comment


      #3
      Just enter your credit card number here to see if it's been stolen....

      Comment


        #4
        I just assume that at some point the details I give out online will end up in the hands of scumbags.

        So I use a secondary email address (my original hotmail going back decades so well established as a honeypot ), PAYG second mobile phone, temp address while contracting away from home, wherever possible so I don't give as much a crap who knows those as I expect them to be bombarded with spam and scam.

        Good luck cold callers and scammers trying to get through on my landline, no phone plugged in as I use it for broadband only.

        Not sure why PC Curries would have DOB unless as part of a credit application. If anyone asks for it and it's not part of some identity checking then I give a slightly wrong one. I'm probably not the only one, so all those 'happy birthday ....' messages are likely on the wrong date.
        Maybe tomorrow, I'll want to settle down. Until tomorrow, I'll just keep moving on.

        Comment


          #5
          Originally posted by ladymuck View Post
          put your email address(es) into www.haveibeenpwned.com and see if your details have come up in any breaches.

          I have an alert configured on all the domains I own so I get notified as soon as my details are found
          I didn't know you could subscribe. As someone joked, I'm nervous putting my details INTO these sites because that would be a great scam

          What I couldn't see was WHAT data they have, or even what sites it was breached from. Can I find this?Only the number of places and pastes. Am I right to infer that if there are no pastes, the breach is less concerning?
          Originally posted by MaryPoppins
          I'd still not breastfeed a nazi
          Originally posted by vetran
          Urine is quite nourishing

          Comment


            #6
            Originally posted by d000hg View Post
            I didn't know you could subscribe. As someone joked, I'm nervous putting my details INTO these sites because that would be a great scam

            What I couldn't see was WHAT data they have, or even what sites it was breached from. Can I find this?Only the number of places and pastes. Am I right to infer that if there are no pastes, the breach is less concerning?
            That site tends to give you clues as to what was stolen, and sometimes includes links to the press reports - which you could then google a bit more from there.

            I think it all depends on what was taken, e.g.

            Scenario 1 - Login details hacked but not pasted
            Scenario 2 - Login details hacked and pasted
            Scenario 3 - Login & banking details hacked but not pasted
            Scenario 4 - Login & banking details hacked and pasted

            I've listed them in the order I'd personally be least cacking it over, best to worst

            HTH
            Originally posted by Old Greg
            I admit I'm just a lazy, lying cretinous hypocrite and must be going deaf
            ♕Keep calm & carry on♕

            Comment


              #7
              Originally posted by d000hg View Post
              I didn't know you could subscribe. As someone joked, I'm nervous putting my details INTO these sites because that would be a great scam

              What I couldn't see was WHAT data they have, or even what sites it was breached from. Can I find this?Only the number of places and pastes. Am I right to infer that if there are no pastes, the breach is less concerning?
              Search for your entire domain and it will show you which attacks (if any) you have been compromised by. E.g. LinkedIn, Onliner Spambot etc.
              England's greatest sailor since Nelson lost the armada.

              Comment


                #8
                Currys

                Comment


                  #9
                  Originally posted by Moose423956 View Post
                  Currys
                  It's a PC world alright.
                  Maybe tomorrow, I'll want to settle down. Until tomorrow, I'll just keep moving on.

                  Comment

                  Working...
                  X