Skip to content

WH Smith discloses data breach following cyberattack

  • by
  • 2 min read

WH Smith has filed a notice with the London Stock Exchange’s Regulatory News Service stating that the company has suffered a cyberattack. Threat actors were able to breach its IT infrastructure and access the data of around 12,500 current and former employees. The company is in the process of informing affected employees and has put measures in place to support them. 

The notice doesn’t provide any details on the attack itself, but the impact reported seems to coincide with a ransomware infection. WH Smith also stated that customer data was not affected as it was on separate systems that weren’t affected by the breach. “There has been no impact on the trading activities of the Group. Our website, customer accounts and underlying customer databases are on separate systems that are unaffected by this incident”, said the notice

The company has launched an investigation into the matter and has “engaged specialist support services” in addition to implementing its incident response plans which include notifying relevant authorities. The company is weeks away from reporting its results trading results and made sure to include in its notice that it had seen “strong trading performance” and that commercial activity was business as usual. 

This isn’t WH Smith’s first rodeo when it comes to facing cyberattacks either. Funky Pigeon, WH Smith’s online greeting card and gifts business had to stop taking orders in April 2022 after its systems were breached. In a typical laid-back fashion, the company told customers via social media posts that it was facing technical issues and did not clarify what data was accessed, simply stating that payment data was not affected. 

UK-based entities have seen constant attacks recently. The WH Smith data breach comes just a week after the Royal Main finally resumed international systems on its road to recovery from a ransomware attack carried out by the Lockbit ransomware gang, who had also attacked financial technology firm Ion.

In the News: Microsoft’s new Bing can now talk in three different tones

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>