Britain's data watchdog plans to investigate a massive hack attack on Carphone Warehouse's systems, which has put 2.4 million customers at risk of having their personal info ransacked by wrongdoers.
On Saturday afternoon, the company coughed to the mega data breach and added that up to 90,000 subscribers may have had their encrypted credit card details swiped during the incident.
However, as noted by The Register yesterday, it took the company – which operates the OneStopPhoneShop.com, e2save.com and Mobiles.co.uk sites that in turn provide services for customers at iD Mobile, TalkTalk Mobile, Talk Mobile and an undisclosed number of Carphone Warehouse subscribers – three days to go public about the hack.
A spokesbeing told us, when quizzed, that the firm wanted to be sure of the number of people affected by the "sophisticated cyber-attack" before notifying customers about the data breach.
But customers have expressed anger about the delayed response, given the risks posed immediately after the sensitive info was nicked.
El Reg asked the Information Commissioners' Office if it had opened a probe into the hack. A spokesman at the regulator told us on Sunday lunchtime: "We're aware of the incident and will be making further inquires."
However, he did not immediately respond to our question about how quickly Carphone Warehouse had flagged up the breach to the ICO, following the attack on its systems. ®