JD Wetherspoon hit by cyber attack
Pub operator JD Wetherspoon said it was taking action after discovering that some customer and staff information has been accessed in a data hack.
Fixed Line Telecommunications
1,994.59
15:44 15/11/24
FTSE 250
20,508.75
15:45 15/11/24
FTSE 350
4,453.56
15:45 15/11/24
FTSE All-Share
4,411.85
15:45 15/11/24
TalkTalk Telecom Group
96.90p
16:34 11/03/21
Travel & Leisure
8,607.27
15:45 15/11/24
Wetherspoon (J.D.)
625.50p
15:45 15/11/24
The group said on Friday that information was obtained from its old website, which has been replaced in its entirety.
It stressed that the current website is managed by a new digital partner, which has no connection to the website that was hit by the security breach.
Wetherspoon said it has notified its customers to the situation by email and has also instructed a cyber security specialist to conduct a full forensic investigation into the breach, which affects a database of just over 656,000 customers and includes names, dates of birth, email addresses and phone numbers.
The company said that as regards almost all customers, no financial data was involved in the hacking and no passwords were obtained.
However, for around 100 customers who purchased Wetherspoon vouchers online before August 2014, limited credit/debit card details were accessed, but only the last four digits of the card numbers were obtained.
The company said other information, such as the customer name and the expiry date was not compromised, so the credit/debit card details cannot be used for any fraudulent purposes.
Wetherspoon added that some personal staff details, registered before 10th November 2011, were stolen, but no salary, bank, tax or national insurance information was accessed.
Wetherspoon’s chief executive John Hutson said:"We apologise wholeheartedly to customers and staff who have been affected.
"Unfortunately, hacking is becoming more and more sophisticated and widespread. We are determined to respond to this by increasing our efforts and investment in security and will be doing everything possible to prevent a recurrence."
The breach comes just a couple of months after telecommunications company TalkTalk’s customers were targeted by a cyber attack.