Funky Pigeon site offline after "cyber incident"

Online greeting cards business Funky Pigeon has stopped taking orders after it was hit by a cyber attack.

The company became aware of the incident last Thursday and said it has informed "the relevant regulators" about the breach.

Funky Pigeon is owned by WH Smiths, and the retailer confirmed that it had taken the system offline, "as a precaution", and is, therefore, unable to fulfil any orders. The company is also writing to all customers from the past 12 months to let them know about the incident, though it said it did not believe account passwords had been compromised.

"As soon as we discovered the incident last Thursday, we launched a forensic investigation led by external experts to understand the incident and whether there has been any impact on customer data," Funky Pigeon said in a statement.

"We are currently investigating the extent to which any personal data - specifically names, addresses, email addresses and personalised card and gift designs - has been accessed. We take the security of customer data extremely seriously and we have temporarily suspended any new orders via the website."

The attack has come just a couple of weeks after a similar incident suffered by The Works, which was also forced to shut down some parts of its operation.

When an organisation is breached by a cyber attack, its security teams are under immense pressure to get their services back up and running as soon as possible, according to Justin Vaughan-Brown, VP of strategic communications at Deep Instinct.

"On top of this stress, security teams have the constant fear of threat actors returning to the network to cause further harm, with a second attack potentially causing lasting and irreversible damage," Vaughan-Brown said. "Organisations must, therefore, invest in security solutions that are proactive and preventative, rather than reactive, to ensure that cyber attacks are stopped before they damage an organisation's network. "