WH Smith has filed a notice with the London Stock Exchange’s Regulatory News Service stating that the company has suffered a cyberattack. Threat actors were able to breach its IT infrastructure and access the data of around 12,500 current and former employees. The company is in the process of informing affected employees and has put measures in place to support them.
The notice doesn’t provide any details on the attack itself, but the impact reported seems to coincide with a ransomware infection. WH Smith also stated that customer data was not affected as it was on separate systems that weren’t affected by the breach. “There has been no impact on the trading activities of the Group. Our website, customer accounts and underlying customer databases are on separate systems that are unaffected by this incident”, said the notice.
The company has launched an investigation into the matter and has “engaged specialist support services” in addition to implementing its incident response plans which include notifying relevant authorities. The company is weeks away from reporting its results trading results and made sure to include in its notice that it had seen “strong trading performance” and that commercial activity was business as usual.
This isn’t WH Smith’s first rodeo when it comes to facing cyberattacks either. Funky Pigeon, WH Smith’s online greeting card and gifts business had to stop taking orders in April 2022 after its systems were breached. In a typical laid-back fashion, the company told customers via social media posts that it was facing technical issues and did not clarify what data was accessed, simply stating that payment data was not affected.
UK-based entities have seen constant attacks recently. The WH Smith data breach comes just a week after the Royal Main finally resumed international systems on its road to recovery from a ransomware attack carried out by the Lockbit ransomware gang, who had also attacked financial technology firm Ion.