Retailer WH Smith revealed that threat actors have breached its infrastructure and had access to the data of about 12,500 current and former employees.
The company immediately launched an investigation into the incident with the help of specialist support services, it also notified the relevant authorities.
The company is notifying all affected employees and announced it has put measures in place to support them.
“WH Smith PLC has been the target of a cyber security incident which has resulted in illegal access to some company data, including current and former employee data. Upon becoming aware of the incident, we immediately launched an investigation, engaged specialist support services and implemented our incident response plans, which included notifying the relevant authorities.” reads a notice filed with the London Stock Exchange’s Regulatory News Service. “There has been no impact on the trading activities of the Group.”
The company pointed out that its customer data were not impacted.
WH Smith has more than 1,700 stores that sell books, stationery, magazines, newspapers, entertainment products and confectionery.
The notice doesn’t provide details about the attack, however, the impact reported in the notice is consistent with a ransomware attack.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Moshen Dragon)