[UK] WH Smith workers hit by second payroll data hack in under a year

[UK] WH Smith workers hit by second payroll data hack in under a year
03 Mar 2023

WH Smith has been hit by its second cyber attack in less than a year. Hackers accessed company data, including the personal information of both current and former employees, Independent reports.

The high street retailer confirmed that the hack involved a possible breach of staff payroll data such as names, addresses, dates of birth and national insurance numbers. It does not believe banking details have been accessed.

WH Smith said only UK workers have been affected but it did not say how many employees had had their data breached.

The stationery and book chain reportedly employs around 10,000 staff in the UK across its high street stores and a growing travel arm based at airports, hospitals and train stations.

WH Smith said that the hack – which happened earlier this week – has not affected trading or seen customer information accessed. Its website, customer accounts and databases are held on unaffected separate systems.

The group said it is notifying all affected workers and has launched an investigation into the incident.

The latest cyberattack comes less than a year after the firm’s Funky Pigeon online card business was hacked. The company was unable to take orders for a number of weeks weeks in April and over the 2022 Easter weekend.

WH Smith said it has notified the Information Commissioner’s Office and relevant authorities of the latest hack.

In a statement the retailer said, “WH Smith takes the issue of cyber security extremely seriously and investigations into the incident are ongoing.

“We are notifying all affected colleagues and have put measures in place to support them.”

The breach at WH Smith follows a wave of cyber attacks in recent months. Royal Mail’s international postal service reportedly suffered lengthy disruption after hackers targeted the group.

In January, retailer JD Sports warned that around 10 million people might have had their addresses, phone numbers and email addresses - among other information - stolen during a hack.


Source: Independent

(Quotes via original reporting)

WH Smith has been hit by its second cyber attack in less than a year. Hackers accessed company data, including the personal information of both current and former employees, Independent reports.

The high street retailer confirmed that the hack involved a possible breach of staff payroll data such as names, addresses, dates of birth and national insurance numbers. It does not believe banking details have been accessed.

WH Smith said only UK workers have been affected but it did not say how many employees had had their data breached.

The stationery and book chain reportedly employs around 10,000 staff in the UK across its high street stores and a growing travel arm based at airports, hospitals and train stations.

WH Smith said that the hack – which happened earlier this week – has not affected trading or seen customer information accessed. Its website, customer accounts and databases are held on unaffected separate systems.

The group said it is notifying all affected workers and has launched an investigation into the incident.

The latest cyberattack comes less than a year after the firm’s Funky Pigeon online card business was hacked. The company was unable to take orders for a number of weeks weeks in April and over the 2022 Easter weekend.

WH Smith said it has notified the Information Commissioner’s Office and relevant authorities of the latest hack.

In a statement the retailer said, “WH Smith takes the issue of cyber security extremely seriously and investigations into the incident are ongoing.

“We are notifying all affected colleagues and have put measures in place to support them.”

The breach at WH Smith follows a wave of cyber attacks in recent months. Royal Mail’s international postal service reportedly suffered lengthy disruption after hackers targeted the group.

In January, retailer JD Sports warned that around 10 million people might have had their addresses, phone numbers and email addresses - among other information - stolen during a hack.


Source: Independent

(Quotes via original reporting)

Leave a Reply

All blog comments are checked prior to publishing