WHSmith IT Bug Exposes Customer Info

Reports are emerging of IT problems at UK high street chain WHSmith which have exposed personal information from subscribers to other customers.

The stationer and bookstore admitted to The Independent that there had been a “bug” in the system supporting its magazine subscription service, leading to customers “receiving emails this morning that have been misdirected in error.”

The firm claimed the Contact Us form, which was at the source of the problem, has now been taken down.

A statement had the following:

"I-subscribe (who manage WHSmith's magazine subscriptions) are contacting the customers concerned to apologize for this administrative processing error. We can confirm that this issue has not impacted or compromised any customer passwords or payment details.”

Angry customers have flooded the WHSmith Facebook page to complain, with phone numbers, email addresses and names of subscribers apparently sent to other subscribers in error thanks to the IT glitch.

One, Jenny Gallagher, complained: “I've had about 16 emails from your customers emailing your company. What is going on??? It’s very irritating and I want to know why these emails (with confidential information) are coming to my inbox.”

Another, Steph Armitt, said: “65 emails starting at 00.12 this morning with different customers names, phone numbers and email addresses????? Very irritating......”

Kevin Cunningham, founder of identity access management firm SailPoint, argued that every stakeholder from the board down needs to work together to protect sensitive information and prevent cases like this.

“IT can only do so much to protect the internal infrastructure, but with the right tools in place to put some onus back on the employees they can help alleviate the burden,” he added.

“It falls to the employees and management to ensure that protecting sensitive information is of the utmost importance.”

WHSmith was at pains to point out that the issue in this instance was not a data breach caused by external hackers but an IT bug. However, it does appear to have led to a significant privacy breach.

WHSmith IT Bug Exposes Customer Info

Phil Muncaster

You may also like

US standards drive Canadian information security

Facebook Set For Major Privacy Overhaul Following Fine

Veracode beefs up BYOD strategy with Marvin acquisition

Twitter CEO: We're committed to user privacy

Two Years of GDPR

What’s hot on Infosecurity Magazine?

How do I Repair Outlook PST File?

Over 850 Vulnerable Devices Secured Through CISA Ransomware Program

Ring to Pay Out $5.6m in Refunds After Customer Privacy Breach

How to Open and View OST Files Without Outlook

Over 700 Dark Web Ads Offer DDoS Attacks Via IoT in 2023

Nigerian 'Yahoo Boys' Behind Social Media Sextortion Surge in the US

Alarming Decline in Cybersecurity Job Postings in the US

North Korean Group Kimsuky Exploits DMARC and Web Beacons

Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites

Dependency Confusion Vulnerability Found in Apache Project

Security Leaders Braced for Daily AI-Driven Attacks by Year-End

How to Navigate the Risks of Generative AI

Incident Response: Four Key Cybersecurity Measures to Protect Your Business

Disinformation Defense: Protecting Businesses from the New Wave of AI-Powered Cyber Threats

Is MFA Enough? Strategies for Next-Level Identity Security in 2024

Navigating the Evolving Cybersecurity Compliance Landscape in 2024

Adapting to Tomorrow's Threat Landscape: AI's Role in Cybersecurity and Security Operations in 2024

Beyond Passwords: Securing the Digital Age with MFA, 2FA, and Passwordless Authentication

Infosecurity Magazine Spring Online Summit 2024: Day One

Infosecurity Magazine Spring Online Summit 2024: Day Two

Russia’s Midnight Blizzard Accesses Microsoft Source Code

I-Soon GitHub Leak: What Cyber Experts Learned About Chinese Cyber Espionage

LockBit Takedown: What You Need to Know about Operation Cronos

Women in Cybersecurity at Infosecurity Europe 2024

WHSmith IT Bug Exposes Customer Info

Written by

You may also like

What’s hot on Infosecurity Magazine?