Carphone Warehouse has become the latest telecoms provider to be fined by the UK’s privacy regulator for failing to prevent a data breach.

The Information Commissioner’s Office (ICO) fined the company £400,000 over the 2015 hack, in which attackers got access to the personal data of over three million customers and 1,000 employees.

Customer data accessed in the attack included names, addresses, phone numbers, dates of birth, marital status and historical payment card details.

Details of employee names, phone numbers, postcodes and car registrations were also accessed.

The ICO investigation found that Carphone Warehouse had failed to carry out routine security testing and to update software systems, and had not implemented measures to identify and delete historical data.

These failures violated the UK’s Data Protection Act.

The Commissioner acknowledged however that the retailer had taken steps to fix some problems and protect those affected.

Elizabeth Denham, Information Commissioner, said: “A company as large, well-resourced, and established as Carphone Warehouse, should have been actively assessing its data security systems, and ensuring systems were robust and not vulnerable to such attacks.

“Carphone Warehouse should be at the top of its game when it comes to cyber-security, and it is concerning that the systemic failures we found related to rudimentary, commonplace measures.”

The fine comes ahead of the introduction of the EU’s General Data Protection Regulation on 25 May, which will impose more stringent data security requirements on companies.

Carphone Warehouse’s fine equals that imposed on TalkTalk in 2016, at the time a new record.

Almost 157,000 people had their personal details accessed by a hacker in October 2015 after TalkTalk’s website was breached.

Read more: GDPR means network operators must become much more than transporters of data

More News

Two in, two out at key VEON divisions Two in, two out at key VEON divisions Two senior execs have left VEON as the operator rejigs two business units in an effort to give greater control to the heads of local opcos. More detail
Europe's FTTH subscriber base rises 20 percent as homes passed nears 150m Europe's FTTH subscriber base rises 20 percent as homes passed nears 150m The number of FTTH/B subscribers in Europe increased by 20.4 percent in the year to September 2017, new figures show, with Russia, Spain and France powering growth. More detail
Nokia could sell digital health arm Nokia could sell digital health arm Nokia has announced a strategic review of its digital health business, less than six months after the company said it must seize the opportunities afforded by changes to the healthcare market. More detail
A1 Telekom Austria Group salutes successful 2017 A1 Telekom Austria Group salutes successful 2017 A1 Telekom Austria Group posted growing sales and earnings last year, leading CEO Alejandro Plater to hail 2017 as a success for the operator. More detail
Telia invests in location data company Telia invests in location data company Telia has taken part in a $17.5 million funding round for location data specialist Unacast, whose founders helped set up the TIDAL music streaming service now owned by Jay-Z. More detail
    

@eurocomms