This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Welcome to Reed Smith's viewpoints — timely commentary from our lawyers on topics relevant to your business and wider industry. Browse to see the latest news and subscribe to receive updates on topics that matter to you, directly to your mailbox.
| less than a minute read

Unexpected data breach in bagging area

Another maximum fine under the previous data protection regime.  This time, a £500k fine for Currys PC World and Dixons Travel (I can't imagine all the data they must have on last minute travel adapter purchases!) for malware installed on almost 6000 tills.

More information below - luckily for DSG, the breach was cleared up the month before the GDPR came into force.  If it had crept past May 2018, the fine would have had potential to be far higher.

The Information Commissioner’s Office (ICO) has fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyber-attack, affecting at least 14 million people. An ICO investigation found that an attacker installed malware on 5,390 tills at DSG’s Currys PC World and Dixons Travel stores between July 2017 and April 2018, collecting personal data during the nine month period before the attack was detected.


data protection, gdpr, entertainment & media