Dixons Carphone
Dixons Carphone has become the first company to announce a major data breach since EU countries began enforcing new data protection rules. Dixons Carphone said the breach happened last year and involved 5.9 million payment cards and the details of 1.2 million customers. All but about 105,000 cards have chip and PIN protection and Dixons Carphone added that it had "no evidence to date of any fraudulent use of the data."
The problem for the company is that the breach follows a similar incident in 2015. That resulted from an out of date WordPress installation, led to a £400,000 fine and condemnation from the UK data protection regulator. It's not clear why it took so long for Dixons Carphone to announce the breach and the key question is whether the inevitable fine will be calculated according to the new GDPR rules. The National Cyber Security Centre has advice for customers here.