Track your order, update your details and claim your cashback all in your account.
No need to call us.
My AccountThe below FAQ contains further information about the recent cyber attack on some of our IT systems.
We are currently contacting impacted customers to provide them with guidance.
The vast majority of Carphone Warehouse customer data is held on separate systems and has not been accessed during this incident.
The impacted websites include: OneStopPhoneShop.co.uk, e2save.com and Mobiles.co.uk and provide a number of services to iD Mobile, TalkTalk Mobile, and Talk Mobile.
Please be assured that we are taking this very seriously and have put in place additional security measures to prevent further attacks.
On 5 August we discovered that the IT systems of a division of Carphone Warehouse in the UK had been breached by a sophisticated cyber-attack. This division operates the websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk, and provides a number of services to iD Mobile, TalkTalk Mobile, Talk Mobile, and to certain customers of Carphone Warehouse.
We took immediate action to secure these systems and launched an investigation with a leading cyber security firm to determine exactly what data was affected. We have also put in place additional security measures to prevent further attacks.
Our investigation has indicated that personal data which may include names, addresses, dates-of-birth, and bank details of up to 2.4 million customers, may have been accessed. Encrypted credit card data of up to 90,000 customers may also have been accessed. We and our partners are contacting all those customers who may have been affected, informing them of the breach and giving advice to reduce risk and minimise inconvenience. Currys PC World and the vast majority of Carphone Warehouse customer data is held on separate systems and has not been accessed during this incident.
This division operates the websites OneStopPhoneShop.com, e2save.com, and Mobiles.co.uk, and provides a number of services to iD Mobile, TalkTalk Mobile, Talk Mobile, and to certain customers of Carphone Warehouse.
We discovered the breach on the afternoon of Wednesday 5 August, and have been working intensively to establish the extent of the breach.
The attack was sophisticated and affected a large volume of customers across multiple businesses. We are working intensively to identify those at risk and are contacting them individually to provide advice on actions they need to take.
We and our partners are contacting all those customers who may have been affected to inform them of the breach and to give them advice to reduce any risk and minimise inconvenience. We have have contacted customers via email, and where no email address was held, via text message or via post. If you dont hear from us, your data hasnt been affected by this attack.
We have tracked any email bounce-backs and contacted those customers by text message. Any customers without email addresses that are affected have also being contacted by a text message. Where we have not been successful via email or text message, we are also following up via post.
We committed to contacting all affected customers. Where we didnt have any other means of contact, text was the only option.
We started contacting customers by email on Saturday 8 August. We have tracked email bounce-backs and have contacted those customers by text message where possible. In the instances of us not holding a correct customer email address we have also attempted to make contact via SMS text message. There are a very small portion of customers who we have been unable to contact by email or text message and we have now sent letters to those customers postal addresses.
This is in addition to the information available to customers through in-store, online and call centre communications, as well as through our public announcement and social media. We have also co-ordinated with the banks to ensure that they are aware of those customers who may be affected and can take appropriate action.
There are a very small portion of customers for whom we do not hold an email address, mobile number or a postal address.
We would have liked to have made contact with all customers directly, and have been very proactive in communicating publicly in relation to this incident. We have made information available to customers in-store, online and through our call centre communications, as well as through our public announcement and social media. We have also co-ordinated with the banks to ensure that they are aware of those customers who may be affected and can take appropriate action.
No, these are not in addition to the previously announced customers. This is a second communication from TalkTalk Mobile, reiterating by post what theyve already said in emails to customers.
Our investigation has indicated that personal data, which may include names, addresses, dates-of-birth, and bank details of up to 2.4 million customers, may have been accessed. Encrypted credit card data of up to 90,000 customers may also have been accessed. We and our partners are contacting all those customers who may have been affected to inform them of the breach and to give them advice to reduce risk and minimise inconvenience.
Encrypted credit card data of up to 90,000 customers may also have been accessed. We and our partners are contacting all those customers who may have been affected to inform them of the breach and to give them advice to reduce risk and minimise inconvenience.
Yes, we want you to feel safe in all dealings with us. We have also put in place additional security measures to prevent further attacks.
The Carphone Warehouse website and the vast majority of Carphone Warehouse customer data is held on a separate system. There is no evidence that this has been breached and customers can continue to use the CPW website securely. In addition, we have put in place additional security measures to prevent further attacks across all of our websites.
The vast majority of Carphone Warehouse customers are not affected. We are contacting all customers via email or text message, if they are impacted, to give them advice in order to reduce any risk and minimise inconvenience.
Data may be in our system as a result of a number of different interactions with us - some of which may not have concluded in a transaction. These could include enquiries about mobile phones, network contracts, mobile phone insurance or other services, some of which are provided by us through third parties where they would be the brand name you dealt with at the time.
No. The customer data of these brands is kept separate from the businesses that have been affected by this incident.
This attack was very sophisticated and is part of the reality of the modern world. Our priority is reducing risk and inconvenience for customers and continuing to build ever stronger defenses.
We took immediate action to secure these systems and launched an investigation with a leading cyber security firm to determine exactly what data was affected. We have also put in place additional security measures to prevent further attacks.
Someone having access to your personal information or bank account details does not necessarily mean you have been a victim of identity theft or that your information will be used to commit fraud. We recommend that you take the appropriate steps to protect yourself, such as closely reviewing account statements for suspicious activity.
To reduce the risk of fraudulent activity, we recommend that you consider taking the following steps:
We are contacting all customers who are affected by the data breach, however, this does not mean you have been a victim of fraud or identify theft. We recommend that you contact your bank and credit card company immediately, who will monitor activity on your accounts and be wary about giving access to any personal information. If you believe you have been a victim of fraud, you should contact your bank or credit card company. You can also get in touch with Action Fraud, the UKs national fraud and internet crime reporting center, on 0300 123 2040.
By calling Action Fraud on 0300 123 2040, you will be able discuss your situation with one of their specialist fraud advisers and get advice on how to protect yourself from possible fraud.
IIf you have been a victim of fraud, reporting it to Action Fraud ensures that the correct crime reporting procedures are followed. Action Fraud passes on all fraud cases to the National Fraud Intelligence Bureau (NFIB), which is overseen by the police force that leads on fraud for the UK the City of London Police. Making a crime report to Action Fraud also means that you will receive a police crime reference number. You can use your police crime reference number to update the information in your crime report.
Yes, as part of our investigation we have notified the Information Commissioners Office (ICO) and the police.
We took immediate action to secure these systems and launched an investigation with a leading cyber security firm to determine exactly which data was affected. Weve also put in place additional security measures to prevent further attacks.
Card issuers publish their own policies regarding fraudulent charges. Generally, issuers do not hold customers responsible for fraudulent charges if they are reported in a timely manner. Please contact your bank for details on their policies.
If you think you have been a victim of fraud you should report it to Action Fraud, the UKs national fraud and internet crime reporting center, on 0300 123 2040.
To reduce the risk of fraudulent activity, we strongly advise you to notify your bank and Credit Card Company. We also recommend that you take the following steps:
You can check your credit rating to make sure no one has applied for credit in your name. You can do this by visiting Experian or Equifax
Due to data protection rules, we are unable to take these steps for individual customers. We regret any inconvenience this incident may have caused.
We have currently seen no evidence of this. We encourage our customers to review their account statements and immediately notify their credit and debit card issuer if they suspect fraud on their accounts.
This was the information we collected and stored through the normal course of business, which involves credit checking in order to set up mobile phone contracts.
Because these records were taken from online transactions, the majority do include email address details.
We hold details of previous customers and through our marketing we acquire additional information through online queries.
At this stage our priority is to inform those customers affected. The first thing any customer should do who has concerns about fraud is to contact their bank or credit card provider (who can stop fraudulent transactions).They can also contact Action Fraud, the national fraud reporting service.
If you would like to speak to us directly, please contact:
Mobiles.co.uk
www.mobiles.co.ukCustomer Service - 0330 678 0520
e2save (inc. The Phonespot)
www.e2save.comCustomer Service - 0330 678 0519
Carphone Warehouse
www.carphonewarehouse.comCustomer Service - 0370 111 6565