Threat actors breached WH Smith, the 1,700 locations UK retailer, and exposed data belonging to current and former employees.
WH Smith has more than 12,500 employees and reported a revenue of $1.67 billion in 2022.
What Kind of Data Was Exposed
The targeted company launched an investigation and notified the authorities. According to them, the website, customer accounts, and databases were not impacted.
There has been no impact on the trading activities of the group. Our website, customer accounts and underlying customer databases are on separate systems that are unaffected by this incident.
Upon becoming aware of the incident, we immediately launched an investigation, engaged specialist support services, and implemented our incident response plans, which included notifying the relevant authorities
However, data belonging to a yet unknown number of current and former WH Smith employees was breached. Names, addresses, National Insurance numbers, and dates of birth could be among the exposed data. All the affected workers were notified of the data breach and the company took a series of measures to support them.
What Is the Risk for the Affected Employees
Experts in data privacy claim that retailers run a high risk of cyberattack because. This happens because they hold large amounts of data on their staff and customers. Also, the fact that retailers are extremely dependent on public trust, makes them a favorite target for hackers.
According to them, the impacted workers now risk identity theft.
This is the third attack that hits on a high-profile UK company this year, states BBC. A Russian-linked ransomware attack hit Royal Mail just at the beginning of 2023. The incident resulted in the disruption of deliveries for several weeks.
Sportswear chain JD Sports was also targeted by threat actors in January. The attack put at risk the data of 10 million customers.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube for more cybersecurity news and topics.