Pub company JD Wetherspoon has confirmed that its database was the target of a cyberattack. The data breach could potentially affect over half a million customer records from the database.
A database of over 650,000 customers of UK pub chain JD Wetherspoon has been breached by unknown malicious hackers. According to a statement put out by the company, a “very limited” number of customers have had their credit and debit card details stolen, although they are unlikely to be used for fraudulent transactions.
While the card data was not encrypted, only the last four digits of payment card details were stored in the database to begin with, according to CEO John Hutson.
The statement read:
These credit or debit card details cannot be used on their own for fraudulent purposes, because the first 12 digits and the security number on the reverse of the card were not stored on the database.
In a BBC report, it is revealed that the database also held details of 656,723 customers such as:
- Dates of birth
- Email addresses
- Phone numbers
The breach is significant, despite the lack of financial information stolen as it is entirely within the realm of possibility that expert malicious hackers could potentially use the breached personal data to engage in identity theft of phishing campaigns.
Also read: UK ISP TalkTalk Breach Could Compromise 4 Million Users
In a letter to customers, Hutson stressed there was no evidence to show any fraudulent activity from the breached data. Customers are also recommended to stay vigilant against any emails or messages that request them to click or download any files or request any financial and personal data.
An excerpt from the statement read:
We apologize wholeheartedly to customers and staff who have been affected. Unfortunately, hacking is becoming more and more sophisticated and widespread.
The cyberattack struck the company’s old website between June 15 and June 17. The website has since been replaced. Wetherspoon was only made aware of the possible breach on December 1 while confirming it soon after.
The United Kingdom has weathered a blitz of cyberattacks lately with the TalkTalk hack proving to be the most prominent data breach in recent times. Over 4 million users’ personal details may have been compromised with the telecom and broadband provider noting that it might cost the company upwards of $50 million as a one-time financial hit.
Featured image The Flying Standard pub from Shutterstock.