UK retailer WH Smith hacked, confidential data leaked

WH Smith has acknowledged that its computer systems were breached by an unauthorized user less than a year after an attack on its online greetings card business Funky Pigeon.

The retail company said in a notification that was sent to the Regulatory News Service of the London Stock Exchange that data pertaining to current and past employees had been hacked. There are around 12,500 employees working for the firm.

According to WH Smith, the attack “resulted” in unauthorized access to some firm data, some of which included information on both present and past personnel.

It was said that the company’s website, customer accounts, and “underlying customer datasets” were located on different servers that were not compromised in any way. Concerning the employees whose data was stolen, the company is “notifying all impacted colleagues and have put procedures in place to help them,” according to the statement.

The following was included in the statement: “Upon becoming aware of the event, we quickly initiated an investigation, engaged specialized support services, and executed our incident response protocols, which included alerting the necessary authorities.”

WH Smith is a familiar sight on most of the United Kingdom’s high streets, where it can be seen selling magazines, stationery, books, and sweets. The company now has more than 1,700 locations, the most majority of which are located in the United Kingdom.

Notwithstanding the confirmation that employee data was obtained, the nature of the intrusion has not been published. Nonetheless, this conduct is typical with that of a number of ransomware gangs.

This year there have been many instances of cyberattacks targeting companies in the private sector. One of these incidents caused Yum! Brands, an American firm that is the parent company of KFC, Pizza Hut, and Taco Bell, to shut down roughly 300 of its fast-food outlets. The Canadian bookshop Indigo said on Wednesday that employee data had been compromised due to a recent attack.

The United States and the United Kingdom issued sanctions on seven individuals in connection with ransomware attacks in what has been termed as the first significant step in a “new campaign of concerted action” to combat the criminal sector. The sanctions were issued in the month of December.


Someone gained unauthorized access to the computer systems of WH Smith’s subsidiary Funky Pigeon in April of the previous year. During the incident, the online greeting card and gift store was forced to halt accepting orders, however the company said that customer financial information was unaffected. Just a few days before, the company’s social media channels had informed clients that “technical difficulties” were delaying the processing of new business. The data that was accessed was not made clear in any way.

The most recent developments at WH Smith take place a week after the Royal Mail resumed international shipments as it continues to recover from an attack carried out by individuals who initially claimed they were not part of a Russia-linked group called LockBit and then later admitted that they were. It would seem that the virus distributors have given up on Royal Mail paying the ransom they demanded, since they have now uploaded a set of data that they claim to have taken from the stolen goods.

Reuters was informed by the Royal Mail that its investigation did not uncover any critical financial or customer information among the data that was taken by the hackers.