British magazine and newspaper retailer WH Smith has suffered a data breach that exposed current and former employees’ information. The company is a retailer of books, newspapers and stationery, commonly located at railway stations and airports.
Looking into this latest cybersecurity incident for Digital Journal John Stevenson, Senior Product Marketing Manager at Skybox Security.
Stevenson says that the incident exposes a weakness with IT systems common to many companies: “This attack against a major British retailer serves as a prime example of the importance of understanding the network attack surface.”
Addressing the specific action directed at the newsagent, Stevenson finds: “While the details are still sketchy, it seems likely the attackers have accessed Personally Identifiable Information (PII) from corporate databases.”
While employee data is potentially affected, customer data appears to be unaffected. “WH Smith PLC has been the target of a cyber security incident which has resulted in illegal access to some company data, including current and former employee data,” according to the firm in an issued statement.
WH Smith also said: “Upon becoming aware of the incident, we immediately launched an investigation, engaged specialist support services and implemented our incident response plans, which included notifying the relevant authorities.”
Considering the attack dynamic, Stevenson: “This might be because the attackers have exploited a network path into those databases, perhaps because instances of the data have been poorly secured in the cloud. In any event, the results can be devasting for the individuals concerned.”
While not a major firm, the issue is still of significance: “While less newsworthy than ransomware attacks or the theft of credit card information, the theft of PII exposes the individual to the possibility of repeated and highly targeted attacks, as well as exposing the organization risk of being penalized by the Information Commissioners Office (ICO).”
The Information Commissioners Office is a non-departmental public body which reports directly to the Parliament of the United Kingdom, with responsibility for cybersecurity incidents.
Skybox Research Lab found that 24.5 percent of retailers were comprised by material breaches, experiencing the largest number across any industry.
With typically large, hybrid networks, it’s vital that retailers gain and maintain a holistic view of their attack surface, utilizing the best threat intelligence, attack path analysis and asset context to help protect their key data assets from attack.
