The Works closes stores after cyberattack

The firm was forced to temporarily close five of its 200+ stores in the UK

Image:

The firm was forced to temporarily close five of its 200+ stores in the UK

Toys, books and stationery retailer The Works has been hit by a cyberattack, forcing it to temporarily shut stores and halt new stock deliveries.

The retailer, which operates more than 520 outlets across the UK, said there had been 'minor' interruption to trade and business operations after hackers accessed the company's computer systems and caused issues with its tills.

The retailer took steps to remediate the issue after its security firewall alerted it to the incident, including 'immediate changes' to enhance its security posture and hiring cyber security experts to look into the breach.

The Works blocked internal and external access to its computer systems, including emails, as a precaution while it worked to assess and address the problem.

Investigations and recovery work are currently underway by external professionals.

The hack caused fresh stock deliveries to Works stores to be temporarily halted, and also resulted in extended delivery times for online orders.

Normal online services are gradually being restored, and retail deliveries are anticipated to resume 'imminently.'

The company says the hackers did not access any customer payment data. All debt and credit card transactions are processed by third parties outside of The Works' own systems.

However, the London-listed company does not know whether the criminals were able to see or steal any other information.

The company does not expect the breach to have a major negative impact on its financial position or forecasts.

Despite the fact that the assault appears to be a ransomware attack, it is believed that The Works has not yet received any ransom demand from the attackers.

Hugh Raynor, senior cybersecurity consultant at SureCloud noted: "This attack on The Works seemingly has all the hallmarks of a traditional ransomware attack, except for, bizarrely, the request for a ransom.

"We understand that the company have not yet received any communication from the criminals who launched this ransomware attack, and given their quick and effective recovery, it's now unlikely that any extortion attempt will follow.

"Whilst The Works have done well to resume operations and trading thanks to their quick identification, containment, eradication, and subsequent recovery, they will definitely be looking to improve their preventative cyber security controls in the coming weeks."

Helen Davenport a tech partner at the law firm Gowling WLG said: "It seems that the protection of customer data has been prioritised by the brand as it looks to tackle the practical fallout and effect on its store network and supply chain capabilities. It will be interesting to see whether the brand puts more preventative measures in place moving forward to ensure that essential business is not lost as the scramble to react to an attack takes hold."

A UK government report last week said that two in five UK businesses detected at least one cyberattack on their operations in the last 12 months.

The average estimated cost of a cyberattack in the past 12 months was £4,200, taking into consideration the firms that reported a material outcome, such as loss of data or money, according to the report. Excluding small firms, the average cost increased to £19,400.