Security News > 2022 > April > Funky Pigeon pauses all orders after 'security incident'

British retailer WH Smith has confirmed that Funky Pigeon, its online greetings card and gift subsidiary, has halted all further orders after a "Security incident."

Today London Stock Exchange-listed WH Smith issued a statement to the market admitting Funky Pigeon was "Subject to a cyber security incident affecting part of its systems on Thursday 14 April 2022.".

"We take the security of customer data extremely seriously," the statement added.

"The company has temporarily suspended orders from the website and is currently is currently investigating the detail of the incident with external IT specialists."

Just because Funky Pigeon's customers' payment data was not accessed by the attackers "Doesn't mean it's in the clear yet," said Dominic Trott, UK product manager at Orange Cyberdefense.

"Hackers continue to mix and match malware ingredients deployed during the attack, as well as escalating their techniques from beyond phishing. Organizations need to protect their outward facing attack surface, but equally importantly, establish internal barriers to prevent lateral exploitation on which attackers rely to establish persistence and larger network access once they establish a foothold on a single system."

News URL

https://go.theregister.com/feed/www.theregister.com/2022/04/19/funky_pigeon_security_incident/