UK high street retailer WH Smith has been hit with a cyberattack, leading to criminal access to past and present employee data. The company has opened an investigation into the incident, but says its stores are unaffected by the attack.
WH Smith’s website, customer accounts and underlying customer databases are on separate systems, the company said. Because of this the criminals have been unable to gain access to these databases, but employee information has been exposed.
WH Smith cyberattack details revealed
The stationery retailer made a public notification of the hack via an alert issued to the London Stock Exchange (LSE) this morning, advising investors of the cyberattack. “WH Smith PLC has been the target of a cyber security incident which has resulted in illegal access to some company data, including current and former employee data,” it says.
The attack exposed personally identifiable information of former and current employees. The data includes names, addresses, national insurance numbers and dates of birth. The company opened an investigation alongside its initial announcement of the breach, according to the statement to the LSE.
“Upon becoming aware of the incident we immediately launched an investigation, engaged specialist support services and implemented our incident response plans, which included notifying the relevant authorities,” the alert says.
“WH Smith takes the issue of cybersecurity extremely seriously and investigations into the incident are ongoing. We are notifying all affected colleagues and have put measures in place to support them.
“There has been no impact on the trading activities of the group. Our website, customer accounts and underlying customer databases are on separate systems that are unaffected by this incident.”
Tech Monitor has approached WH Smith for comment on further details of the breach and how many people are impacted. The company employs over 10,000 staff.
Second attack on WH Smith in two years
In April of last year, a subsidiary of WH Smith fell victim to a cyberattack. Greeting card company Funky Pigeon had to take its systems offline as a precaution, rendering it incapable of fulfilling any orders.
At the time of the attack, the organisation was forced to write to all customers it had dealt with in the preceding 12 months to notify them of the incident, but maintained that no customer data was compromised.
Today’s announcement is the latest in a wave of cyberattacks targeting UK companies. The Royal Mail has been targeted by Russian Ransomware-as-a-Service gang LockBit in an attack that rendered some of its services inoperable for a period of months, while another quoted company, Morgan Advanced Materials, informed the LSE of an attack in January, though details of the breach have not been revealed.
Javvad Malik, lead security awareness advocate at KnowBe4, said: “While details of the hack are limited at present, it does show how criminals are increasingly attacking UK organisations across a variety of industries. Solidifying the fact that no vertical or size or organisation is safe from attacks.
“The most common ways criminals will breach organisations is by way of social engineering attacks such as phishing, or by exploiting poor passwords, or through exploiting unpatched software. So it’s important that organisations work on addressing the common root causes of attacks, and ensure they have a layered and defensible security strategy in place.”
Indeed, according to IBM’s X-Force Threat Intelligence report released last month, the UK received more cyberattacks than any other country in Europe in 2022, accounting for 43%.