This article is more than 1 year old

Funky Pigeon pauses all orders after 'security incident'

Parent WH Smith says no customer payment data exposed, according to current investigations

British retailer WH Smith has confirmed that Funky Pigeon, its online greetings card and gift subsidiary, has halted all further orders after a "security incident."

The company's social media feeds told customers late last week that "technical issues" were delaying new business being processed.

Today London Stock Exchange-listed WH Smith issued a statement to the market admitting Funky Pigeon was "subject to a cyber security incident affecting part of its systems on Thursday 14 April 2022."

"We take the security of customer data extremely seriously," the statement added. "The company has temporarily suspended orders from the website and is currently is currently investigating the detail of the incident with external IT specialists.

"No customer payment data, such as bank account or credit card details, has been placed at risk – all of this data is processed securely via accredited third-parties and is securely encrypted."

It added in a statement to The Register: "We have taken our systems offline as a precaution... We are also writing to all customers over the last 12v months to inform them of these issues."

Resident techies and external help are "currently investigating the extent" to which customers' personal details – specifically names, addresses, email addresses, personalized cards and gift designs – were accessed.

The way the attackers entered the system was not confirmed by WH Smith, nor whether any demands were made. We have asked the company to comment further.

Just because Funky Pigeon's customers' payment data was not accessed by the attackers "doesn't mean it's in the clear yet," said Dominic Trott, UK product manager at Orange Cyberdefense.

"Consumers are becoming increasingly aware of the risk of cybercrime as it rises higher on the mainstream news agenda, so the incident could still have an impact on the company's reputation, and its consumers' willingness to spend," he added.

Bill Conner, CEO at SonicWall, said the attack is "another example of how relentless cybercriminals are in their search for profit."

"Holding victim organizations' business hostage uniquely impacts retailers and other organizations that provide daily, direct services to their customers. Such attacks directly affect the victim's revenue generation and thus provide additional leverage to the attackers.

"Hackers continue to mix and match malware ingredients deployed during the attack, as well as escalating their techniques from beyond phishing. Organizations need to protect their outward facing attack surface, but equally importantly, establish internal barriers to prevent lateral exploitation on which attackers rely to establish persistence and larger network access once they establish a foothold on a single system."

WH Smith told us: "We have also informed the relevant regulators and law enforcement authorities, and we will continue to review and update our protocols based on what we learn from this incident. ®

More about


Send us news

Other stories you might like