In March 2023, books and stationery supplier WH Smith became the latest retailer to fall victim to a “cyber security incident” resulting in a data breach.
Current and former employee data is believed to be compromised, although customer data is thought safe at this time.
In a statement about the data security incident, WH Smith said:
“WH Smith takes the issue of cyber security extremely seriously and investigations into the incident are ongoing. We are notifying all affected colleagues and have put measures in place to support them.
There has been no impact on the trading activities of the Group. Our website, customer accounts and underlying customer databases are on separate systems that are unaffected by this incident.”
With several high-profile retail data breaches hitting the headlines, shopper trust is arguably at a long time low. Earlier this year, J D Sports admitted to a data breach after a malicious party gained unauthorized access to a system containing historic customer data. The attack compromised customers of JD, Size?, Millets, Blacks, Scotts and MilletSport brands.
Employees of WH Smith must be vigilant
At Keller Postman UK, we have seen victims of similar data breaches become the target of cybercriminals, with instances of fraud, blackmail, and identity theft. As such, affected WH Smith employees are at high risk of being targeted by cybercriminals and should take immediate steps to protect themselves.
Data exposed in similar hacks has subsequently been sold on the dark web, with the impact not always apparent until months later. By implementing security steps now, WH Smith employees stand a better chance of protecting themselves should their stolen data be used against them in the future.
In our experience, failures to adopt standard security measures often make cyber-attacks easier. And, if this proves to be the case, affected WH Smith employees could be entitled to data breach compensation.