WH Smith has been the target of a cyberattack in which company data, including the personal data of current and former employees, was illegally accessed, the retailer revealed.
The book and stationery chain said there was no impact on the store and its website, and that customer accounts and the customer database were on separate systems and “not affected by this incident.”
The attack comes just under a year after a hack on WH Smith’s Funky Pigeon website forced it to stop taking orders for about a week.
WH Smith said Thursday that it “immediately launched an investigation, engaged specialized support services, and implemented our incident response plans, which included notifying appropriate authorities” after the latest incident.
“WH Smith takes the issue of cyber security very seriously and investigations into the incident are ongoing. We are notifying all affected colleagues and have implemented measures to support them,” the company said.
The retailer said it was trading strong and would report its semi-annual financial results on April 20.
In January, Royal Mail was forced to ask customers to stop sending packages and letters to overseas destinations after a cyber incident caused a “serious service disruption” to international exports. And in December, The Guardian asked most staff to work from home after it was hit with a ransomware attack in which the personal data of UK staff members was accessed.
according to a government report last year, two in five UK companies reported cybersecurity breaches or attacks in the previous 12 months.
In 2018, the government estimated that cybercrime costs the UK economy £28bn a year. However, the scale of the problem is believed to be growing as business increasingly takes place online, with organized criminal gangs and state actors involved in attacks. The rise in cybercrime targeting individuals has been fueled in recent years by scams exploiting the pandemic.