View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
March 2, 2023updated 28 Apr 2023 9:19am

WH Smith employee data stolen in cyberattack

The company claims none of its other services are impacted, but staff data has been exposed.

By Claudia Glover

UK high street retailer WH Smith has been hit with a cyberattack, leading to criminal access to past and present employee data. The company has opened an investigation into the incident, but says its stores are unaffected by the attack. 

UK retailer WH Smith suffers cyberattack. (Photo by Nigel J. Harris/Shutterstock)

WH Smith’s website, customer accounts and underlying customer databases are on separate systems, the company said. Because of this the criminals have been unable to gain access to these databases, but employee information has been exposed.

WH Smith cyberattack details revealed

The stationery retailer made a public notification of the hack via an alert issued to the London Stock Exchange (LSE) this morning, advising investors of the cyberattack. “WH Smith PLC has been the target of a cyber security incident which has resulted in illegal access to some company data, including current and former employee data,” it says.

The attack has hit personally identifiable information of former and current employees. The data includes names, addresses, national insurance numbers and dates of birth. The company has said that it has opened an investigation along with the initial announcement of the breach, the statement to the LSE said.

“Upon becoming aware of the incident we immediately launched an investigation, engaged specialist support services and implemented our incident response plans, which included notifying the relevant authorities,” the alert says.

“WH Smith takes the issue of cybersecurity extremely seriously and investigations into the incident are ongoing. We are notifying all affected colleagues and have put measures in place to support them.

“There has been no impact on the trading activities of the group. Our website, customer accounts and underlying customer databases are on separate systems that are unaffected by this incident.”

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Tech Monitor has approached WH Smith for comment on further details of the breach and how many people are impacted. The company employs over 10,000 staff.

Second attack on WH Smith in two years

In April of last year, a subsidiary of WH Smith fell victim to a cyberattack. Greeting card company Funky Pigeon had to take its systems offline as a precaution rendering it incapable of fulfilling any orders. 

At the time of the attack, the organisation was forced to write to all customers it had dealt with in the preceding 12 months to notify them of the incident, but maintained that no customer data was compromised

Today’s announcement is the latest in a wave of cyberattacks targeting UK companies. The Royal Mail has been targeted by Russian Ransomware-as-a-Service gang LockBit in an attack that rendered some of its services inoperable for a period of months, while another quoted company, Morgan Advanced Materials, informed the LSE of an attack in January, though details of the breach have not been revealed.

Javvad Malik, lead security awareness advocate at KnowBe4, said: “While details of the hack are limited at present, it does show how criminals are increasingly attacking UK organisations across a variety of industries. Solidifying the fact that no vertical or size or organisation is safe from attacks.

“The most common ways criminals will breach organisations is by way of social engineering attacks such as phishing, or by exploiting poor passwords, or through exploiting unpatched software. So it’s important that organisations work on addressing the common root causes of attacks, and ensure they have a layered and defensible security strategy in place.”

Indeed, according to IBM’s X-Force Threat Intelligence report released last month, the UK received the most cyberattacks throughout Europe in 2022, accounting for 43%.

Read more: Vanuatu is showing small nations how to resist big cyberattacks

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.