The Works responds to cyber-attack

  • 05 Apr 2022
  • Kieran

UK-based retailer The Works is currently dealing with the impacts of a cyber security incident, involving “unauthorized access to its computer systems”. The cyber-attack has resulted in the organization having to shut some stores due to till issues, while it also reported limited disruption to its trading and business operations.

“Replenishment deliveries to the Group's stores were suspended temporarily and the normal delivery window for the fulfilment of online orders was extended, but store deliveries are expected to resume imminently and the normal online service levels are progressively being reintroduced. The company does not currently anticipate that this incident will have a material adverse impact on its forecasts or financial position,” said the company in a statement.

With regards to the organization’s response to the incident, it has reportedly taken several steps after being alerted to the attack by its security firewall. This included disabling all internal and external access to its systems, including email, while the business worked with external advisors to evaluate the attack. It has also appointed forensic cyber-security experts to investigate and undergo recovery work.

The organization also noted that it “has made some immediate protective changes to further strengthen its security position.” Alongside this, it has contacted the Information Commissioner's Office (ICO) as a precautionary measure as it is yet to establish the full extent of the attack and if any other data may have been affected.

Going forwards, the organization has stated that customers can continue to shop safely both online and in-store. “All debit and credit card payment data are processed securely outside the Group's systems, via accredited third-party networks and, therefore, there is no risk that this payment data has been accessed improperly.”

From the organization’s actions following the incident, which they became aware of last week[1], it seems clear that they had a plan in place to ensure business continuity in the event of this type of cybersecurity incident. The impact on its business also appears to have been kept to a minimum, with only 5 stores out of 526 impacted and deliveries expected to resume shortly. The nature of having payment data processed via a third-party network has also reduced the chance of private data exposed to the hackers, but regardless contacting the ICO as early as possible in the process is a positive step.



More on
About the author

Kieran Matthews

Content Creator, The BCI