UK consumer electronics retail group Dixons Carphone has suffered a massive data breach, compromising 5.9 million customer cards and 1.2 million personal data records.
The firm says that it has discovered an attempt to compromise the cards in one of the processing systems of Currys PC World and Dixons Travel stores.
However, Dixons Carphone is playing down the threat to customers, stressing that there is no evidence of any fraud on the millions of cards.
The vast majority of cards - 5.8 million - have chip and PIN protection and the data accessed does not contain PINs, CVVs or authentication data. But, around 105,000 non-EU issued cards which do not have chip and PIN have also been affected.
Separately, the company has found that 1.2 million records containing non-financial personal data, such as names and addresses, has also been accessed.
An investigation has been launched, extra security has been put in place and the Dixons Carphone is contacting affected customers. Meanwhile, the police, FCA and Information Commissioner's Office have been notified.
Says Dixons Carphone chief executive Alex Baldock: "We are extremely disappointed and sorry for any upset this may cause. The protection of our data has to be at the heart of our business, and we’ve fallen short here."
Shares in Dixons Warehouse - which runs Dixons, Carphone Warehouse, PC World and Currys - were down more than three per cent in morning trading on Wednesday.