Dixons Carphone has revealed that a 2017 data breach affected the personal information of an additional 9 million customers.
The company said: “While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and there is no evidence that any fraud has resulted.
“We are continuing to keep the relevant authorities updated.”
Dixons Carphone added: “As a precaution, we are choosing to communicate to all of our customers to apologise and advise them of protective steps to minimise the risk of fraud.
“As we indicated previously, we have taken action to close off this access and have no evidence it is continuing.”
Dixons Carphone’s latest admission of a data breach comes six weeks after the company said it believed there had been other attempts since last year to compromise 5.9 million cards in one of its processing systems for Currys PC World and Dixons Travel stores.
Those other breach attempts, to financial data, were only discovered in June.
Dixons Carphone Chief Executive Alex Baldock said: “Since our data security review uncovered last year’s breach, we’ve been working around the clock to put it right.
“That’s included closing off the unauthorised access, adding new security measures and launching an immediate investigation, which has allowed us to build a fuller understanding of the incident that we’re updating on today.”
Again, we’re disappointed in having fallen short here, and very sorry for any distress we’ve caused our customers. I want to assure them that we remain fully committed to making their personal data safe with us.”
Dixons Carphone shares, which were trading down 12% on the year to date, fell a further 1% in early trading.