UK Retailer Fined £500K For Data Breach Affecting 14 Million

Law360 (January 9, 2020, 8:09 PM EST) -- U.K.-based electronics retailer Dixons Carphone has been fined £500,000 ($650,000) for not taking adequate steps to prevent a cyberattack that exposed the personal data of at least 14 million people, the Information Commissioner's Office said Thursday.

The fine, the maximum that could have been issued under a U.K. privacy law that predates the EU's General Data Protection Regulation, comes after Dixons subsidiary DSG Retail Limited failed to secure its payment card processing systems even after third-party consultants alerted it to "critical vulnerabilities," the data security regulator said. The security gaps allowed attackers to infiltrate 5,390 point-of-sale systems at DSG's Currys PC World...

Stay ahead of the curve

In the legal profession, information is the key to success. You have to know what’s happening with clients, competitors, practice areas, and industries. Law360 provides the intelligence you need to remain an expert and beat the competition.


  • Access to case data within articles (numbers, filings, courts, nature of suit, and more.)
  • Access to attached documents such as briefs, petitions, complaints, decisions, motions, etc.
  • Create custom alerts for specific article and case topics and so much more!

TRY LAW360 FREE FOR SEVEN DAYS