0370 270 6000

already registered?

Please sign in with your existing account details.

need to register?

Register to access exclusive content, sign up to receive our updates and personalise your experience on brownejacobson.com.

Privacy statement - Terms and conditions

carphone warehouse a reminder of data breach reporting obligations

14 August 2015

The personal data of up to 2.4 million Carphone Warehouse customers, and up to 90,000 credit card details, may have been accessed by hackers on 5 August 2015. The company notified customers of the breach on 8 August.

Providers of public electronic communications services, such as Carphone Warehouse (which owns TalkTalk), are required under the Privacy and Electronic Communications Regulations (PECR) to notify the ICO within 24 hours of becoming aware of a data breach. Customers must be notified without unnecessary delay unless it can be shown that the data was unintelligible due to encryption. Notification should include a summary of the breach, its likely effect, the affected data, and mitigating measures taken by the company and which should be taken by the individual.

This breach serves as a reminder of service providers’ obligations in respect of reporting data breaches. This is particularly timely in light of the draft EU Data Protection Regulation, which will require all organisations (service providers or otherwise) to notify customers and relevant authorities about data breaches within 24 hours.

For more information on protecting your business and training your team on data protection – take a look at our fixed price product.

related opinions

Sexual Harassment in the workplace – consequences of getting it wrong

A partner at a Magic Circle law firm has this week been ordered to pay £235,000 in fines and costs by a disciplinary tribunal, having been found guilty of breaching his professional obligations.

View blog

Compulsory drone registration goes live on 1 October 2019

As part of the continued tightening of the restrictions on drone use within UK airspace, the latest amendments to the Air Navigation Order 2016 come into force on 30 November 2019.

View blog

Second prosecution of its kind following Ofsted investigation for running an illegal school

A Head Teacher and her father were convicted at Westminster Magistrates’ Court for running an unregistered private school in Streatham.

View blog

IR35 changes - six months and counting...

In his 2018 Autumn Budget, the then Chancellor, Phillip Hammond, announced a significant change to the way liability for IR35 breaches will be dealt with for private sector companies from April 2020.

View blog

mailing list sign up

Select which mailings you would like to receive from us.

Sign up