Funky Pigeon cyber-attack | Here’s what we know so far | #cybersecurity | #cyberattack

Funky Pigeon, an online greetings card and gifts business owned by WH Smith, has been hit by a cyber-attack.

With the breach hitting the company last week, Funky Pigeon has taken its systems offline as a precaution, leaving it unable to take or fulfil orders.

Funky Pigeon is writing to all its customers from the past 12 months to warn them of the cyber-attack.

However, the company noted that the hackers had not accessed payment details, such as credit card numbers or bank accounts, and does not believe that passwords have been compromised.

“As soon as we discovered the incident last Thursday, we launched a forensic investigation led by external experts to understand the incident and whether there has been any impact on customer data,” a company statement read.

“We are currently investigating the extent to which any personal data – specifically names, addresses, email addresses and personalised card and gift designs – has been accessed.

“We take the security of customer data extremely seriously and we have temporarily suspended any new orders via the website.”

The company has also informed regulators and authorities of the breach.

Funky Pigeon Cyber-attack

The incident marks the second cyber-attack on a UK retailer in the space of a month. At the beginning of April, The Works fell victim to a cyber-attack which forced the company close five shops and suspend deliveries.

Commenting on the breach, UK Product Manager at Orange Cyberdefense Dominic Trott said: “While Funky Pigeon and its owner WHSmith have released a statement saying that no customer payment data has been breached, that doesn’t mean it’s in the clear yet.

“Consumers are becoming increasingly aware of the risk of cybercrime as it rises higher on the mainstream news agenda, so the incident could still have an impact on the company’s reputation, and its consumers’ willingness to spend.

“While the company has taken necessary steps since the breach – such as reporting the incident to regulations and law enforcement, informing those whose data may have been put at risk and taking its systems offline – it’s vital that it mitigates further and future damage. As a company that handles both sensitive payment data and personal information such as passwords, birthdays and addresses, Funky Pigeon must therefore have a comprehensive multi-layered approach to security.”


Trott added: “Technology and security tools still play an important role in a business’ security architecture, but the human element of cybersecurity must not be forgotten in order to bolster their cyber defences.

“Going forwards, Funky Pigeon should invest in ensuring employees understand the evolving cybersecurity ecosystem at every tier of its structure, as well as implementing intelligent and agile security measures to diminish the risk of a successful attack. By doing so, it can make its employees its first line of defence, and protect its infrastructure and customers from such attacks in the future.”

Get the latest news from DIGIT direct to your inbox

Our newsletter covers the latest technology and IT news from Scotland and beyond, as well as in-depth features and exclusive interviews with leading figures and rising stars.

To subscribe, click here.

Original Source link

Leave a Reply

Your email address will not be published.

4 + six =