Wetherspoon hack: customer details stolen in latest cyber-attack

Personal details of up to 657,000 customers of pub chain JD Wetherspoon have been stolen in the the latest cyber-attack on a British company.

Wetherspoon said the hack was made on its old website, and that “extremely limited” credit and debit card details were stolen for 100 customers who bought the pub chain’s vouchers online before August 2014.

They cannot be fraudulently used, however, as only the last four digits of the card numbers were obtained by the hackers and not the customer name and expiry data, the company said.

Related: TalkTalk cyber-attack sparks calls for new regulatory powers

The 656,723 customers affected were on the database with personal details such as their names, dates of birth, email addresses and mobile phone numbers. No passwords were stolen.

Wetherspoons is the latest company to suffer a cyber-attack. Telecoms group TalkTalk was hit in October, with almost 157,000 customers affected in its third data breach in 12 months. Five people have been arrested so far.

Wetherspoon’s chief executive, John Hutson, apologised to customers and staff who have been affected.

He added: “Unfortunately, hacking is becoming more and more sophisticated and widespread. We are determined to respond to this by increasing our efforts and investment in security and will be doing everything possible to prevent a recurrence.”

Some personal staff details, registered before 10 November 2011, were also stolen, but this does not include any salary, bank, tax or national insurance information.

The information was stolen from Wetherspoon’s old website.

Wetherspoon has emailed customers and asked a cybersecurity specialist to investigate the data breach. The Information Commissioners Office, which regulates data protection, has been notified.

The card data was not encrypted because the first 12 digits and the security number on the back of the card were not stored on the database.

The data breach happened between 15 and 17 June. Wetherspoon said it had taken so long to notify customers of this breach because the data was held by a third party company that previously hosted its website, and the breached had not been discovered until 1 December.

Share on Google Plus

About Unknown

My blog is the place to update the latest information on sports, science and technology ... If you found this article good, useful please the share for others to see, even if you want to design a ecommerce website or web edit or set a special plugin functionality, please contact us now (Information in the footer)