WH Smith has Confirmed it has been the Target of a Cyber-Attack!

WH Smith has Confirmed it has been the Target of a Cyber-Attack!

WH Smith has confirmed it has been the target of a cyber-attack that has seen hackers access company data, including current & former employee information.

A spokesperson for WH Smith explained: “Upon becoming aware of the incident, we immediately launched an investigation, engaged specialist support services & implemented our incident response plans, which included notifying the relevant authorities.”

This incident comes during a wave of cyber-attacks in 2023, with PayPal & JD Sports having also suffered from hacker groups.

Outdated Security – Studies

Jasson Casey, CTO at Beyond Identity commented on the news.

“This attack on WHSmith serves as yet another reminder that adversaries continue to ramp up their attacks.  While we don’t yet know the details of this incident, successful attacks have become all too common.

Studies like the Verizon Data Breach Investigation Report confirm that threat actors are often taking advantage of outdated security measures that make it cheap & easy to pull off a successful attack.

One very important, but often overlooked step organisations need to take is rethinking how authentication is managed across the enterprise. Hackers no longer break in using sophisticated techniques. They simply log in.

Password-Based Attack

80% of data breaches start with a password-based attack. While MFA was supposed to fix this issue, 1st generation MFA that uses 1 time code, magic links or push notifications are now easily bypassed.

Today, security measures like passwords & weak MFA function as a ‘doorstop’ rather than a ‘padlock’ for attackers.

Moving to modern ‘passwordless’, & phishing resistant MFA needs to become a top priority if organisations want to close this gaping hole & keep customer accounts & internal systems safe & secure.

The unfortunate attack on WHSmith won’t be the last & should be the wake-up call that organisations need to fix outdated controls”

 

 

SHARE ARTICLE