UK retailer The Works suffers ransomware attack leading to store closures

An employee falling victim to a malicious phishing email facilitated the attack but customer payment data has not been compromised

The Works storefront
(Image credit: Getty Images)
Connor Jones's avatar
By
published
in News

UK high street retail store The Works has confirmed a cyber attack on its systems, forcing some stores to close, with sources close to the matter saying systems are hit with ransomware.

The ransomware attack was facilitated by an employee falling victim to a phishing email, according to sources familiar with the situation. The company is working to fully understand the extent of the attack but can confirm that no customer payment data has been compromised.

The worst hacks of all time Ten ways to protect your company from the next big data breach Data breach costs surge to record high in 2021

The Works has called in unnamed outside cyber security experts to conduct digital forensics on the incident and the Information Commissioner’s Office (ICO) has been informed in case other data belonging to customers has been stolen.

The specific ransomware group behind the attack, the ransomware used, or the exact ransom demand, has not yet been confirmed but sources said The Works is not going to currently speculate about the potential for paying the ransom.

The retailer said customers are still safe to shop in-store and online since its credit and debit payments are processed by an outside third party - “there is no risk that this payment data has been accessed improperly,” it said.

RELATED RESOURCE

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

FREE DOWNLOAD

The Works has disabled all internal and external access to its systems and staff emails until the investigation into the situation is complete.

It also said “to protect customers and the business, the company has made some immediate protective changes to further strengthen its security position” but did not elaborate on what these changes entail.

“There has been some limited disruption to trading and business operations, including the closure of some stores due to till issues,” it said. Replenishment deliveries to the Group's stores were suspended temporarily and the normal delivery window for the fulfilment of online orders was extended, but store deliveries are expected to resume imminently and the normal online service levels are progressively being reintroduced.

“The Company does not currently anticipate that this incident will have a material adverse impact on its forecasts or financial position.”

The Works currently operates more than 520 stores nationwide and is a popular store for gifts, crafts, toys, books, and stationary.

Connor Jones
Connor Jones
Contributor

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.

Latest
You might also like
View More ▸