Retailer Dixons Carphone has gone public about a hack attack involving 5.9 million payment cards and 1.2 million personal data records.
It's also been keen to stress that it has found no evidence of fraud taking place due to the breach, and that includes the 1.2 million personal records containing names, addresses, and emails.
The group is contacting all those affected, but sought to assure it had no evidence that this had resulted in fraud at this stage.
While attackers attempted to access 5.9 million card details, the company states that chip-and-pin protection should prevent 5.8 million of the cards being used for fraud.
Chief executive Alex Baldock said: "We are extremely disappointed and sorry for any upset this may cause". Again, Dixons said there was no evidence that it had resulted in any fraud.
Others compared the Dixons Carphone breach to the compromise of U.S. retailer Target in arguing lessons have not been learned.
Raptors hiring Nick Nurse as head coach
He also won a pair of titles in the G League with two different teams and was coach of the year there, too. Nurse, 50, replaces Dwane Casey , whom he worked under for the past five seasons.
It said the data accessed did not contain Pin codes, card verification values (CVV) or any authentication data allowing cardholder identification or a purchase to be made.
Given the small number of affected cards and the fact that personal data did not leave the network, it's unlikely the firm will be in for a major GDPR fine, unless it emerges that the hackers took advantage of serious deficiencies in the firm's cyber-defenses. It said since the 2015 attack it had worked extensively with cyber security experts to upgrade its security systems.
It comes after telecoms firm TalkTalk was hit by a major cyber attack in October 2015, which saw the personal data of almost 160,000 people accessed by hackers and left the firm facing a record £400,000 fine for security failings.
ELECTRONICS RETAILER Dixons Carphone (DCP) has announced a breach in its systems that are said to have exposed the personal information of up to six million people.
In a statement released this morning, the company said during a review of systems and data, it discovered that there has been "unauthorised access to certain data held by the company".