"Data protection is complex and a constant balance between ensuring that data is accessible for legitimate reasons at the time of need, while attempting to restrict and limit access to unauthorized sources. System integrations are great for customer experiences but inevitably expands the attack surface, and attackers understanding of modern solutions and development of offensive techniques also evolve" said Martin Jartelius, CSO at Outpost24.
"In this case, Dixons is taking the responsible path by reporting the potential breach rather than attempting to unlawfully hide this information until they know more about what has been affected, but the report inevitably creates fear and casts a shadow over their business. The good thing is Dixons has reported the personal data breach, informed potentially affected clients as well as initiated an investigation – the outcome is yet to be confirmed, and it will be of interest to many organizations."
Read the full comment from Martin Jartelius: