LBW

Friday, 4 December 2015

JD Wetherspoon Database Hacked!

A database containing the details of more than 650,000 JD Wetherspoon customers has been hacked.



In a statement, the pub chain said the data breach occurred in June – and related to an old website which has since been replaced in its entirety. It apologised to those affected.

It later admitted that an anonymous email had been sent to chief executive John Hutson alerting him to the attack on November 6 - but this was picked up by a spam filter so the company was left in the dark until being contacted by the Financial Times earlier this week.

JD Wetherspoon said the hacked database mostly contained each customer's name, date of birth, email address and phone number.

However "a tiny number of customers" have had some of their credit or debit card information stolen.

It is only thought that about 100 customers had financial information compromised, and in each case, the hackers would have only been able to obtain the last four digits of card numbers.

The company statement said: "These credit or debit card details cannot be used on their own for fraudulent purposes, because the first 12 digits and the security number on the reverse of the card were not stored on the database."

Customers are being recommended to remain vigilant for any unexpected emails which specifically ask for personal or financial information – as well as messages which request them to click on links or download files.

"There has been no information from customers, or from our cyber security specialists, that leads us to believe that fraudulent activity, using the stolen information, has taken place, although we cannot be certain," Wetherspoons said.

The Information Commissioner's Office has been notified about the "criminal attack", and a forensic investigation into the breach is ongoing.

Chief executive Mr Hutson said: "We apologise wholeheartedly to customers and staff who have been affected.

"Unfortunately, hacking is becoming more and more sophisticated and widespread.

"We are determined to respond to this by increasing our efforts and investment in security and will be doing everything possible to prevent a recurrence."

JD Wetherspoon is the latest big firm to fall victim to a hack after TalkTalk revealed it had been subject to a cyber attack which saw 157,000 people have their personal details accessed.

The telecoms firm said it would result in a one-off financial hit of £30-35m.

No comments :

Post a Comment