View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 2, 2015

WHSmith ‘bug’ spreads sensitive personal data

Email addresses, phone numbers and names sent to other customers.

By James Nunns

WHSmith customers are being flooded with emails containing personal details for the company’s other customers.

In what appears to a significant loss of personal data, the retailer is forwarding emails sent by customers that use the "contact us" form on the company’s site.

Disturbingly, the emails include people’s phone numbers, names and email addresses.

The retailer, said: "We have been alerted to a systems processing bug by I-subscribe, who manage our magazine subscriptions. It is a bug not a data breach."

"We believe that this has impacted fewer than 40 customers who left a message on the ‘contact us’ page where this bug was identified, that has resulted in some customers receiving emails that have been misdirected in error."

Although this may have impacted less than 40 customers, it is believed that their details may have been sent to thousands of people.

Kevin Cunningham, president, SailPoint, said: "As today’s organisations house more and more sensitive data, everyone from the executive level down needs to ensure there is a collaborative effort from internal staff to protect that sensitive information and ultimately, the health and longevity of the company.

Content from our partners
How to engage in SAP monitoring effectively in an era of volatility
How to turn the evidence hackers leave behind against them
Why food manufacturers must pursue greater visibility and agility

"Based on the continual news reports of cyber attacks and data breaches, clearly this is the new norm that organisations have to counteract or they risk a significant impact to their bottom-line as well as customer loyalty.

"IT can only do so much to protect the internal infrastructure, but with the right tools in place to put some onus back on the employees they can help alleviate the burden. It falls to the employees and management to ensure that protecting sensitive information is of the utmost importance."

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU