JD Wetherspoon admits data breach

By Liam Garrahan

- Last updated on GMT

JD Wetherspoon admits data breach

Related tags E-mail

JD Wetherspoon has become the latest hospitality business to admit that some customer and staff data, including credit and debit cards, names, mobile phone numbers, email addresses, and dates of birth, has been accessed illegally by a third party.

The data breach, which took place between 15 and 17 June this year and saw the data of 656,723 customers accessed, is the latest in a recent line of attacks on the hospitality industry​.

The operator has said that ‘a tiny minority’ of 100 customers had their credit/debit cards accessed; this was limited to the final four digits of the card. As a result, no fraudulent activity can take place. Those who were affected by this purchased Wetherspoon vouchers online before August 2014.

Some personal staff details, registered before 10 November 2011, were stolen, but no salary, bank, tax or national insurance information was breached.

No passwords were obtained by the hackers.

In a statement, Wetherspoon chief executive, John Hutson, said: “We apologise wholeheartedly to customers and staff who have been affected.

“Unfortunately, hacking is becoming more and more sophisticated and widespread. We are determined to respond to this by increasing our efforts and investment in security and will be doing everything possible to prevent a recurrence.”

The information was obtained from the pub operator’s old website, which has been replaced in its entirety. The current website is managed by a new digital partner with no links to the website that was the subject of the security breach.

In an email to customers, the operator offered advice to those affected.

“We recommend that you remain vigilant for any emails that you are not expecting, that specifically ask you for personal or financial information, or request you to click on links or download information.

“We also recommend that if you are contacted by anyone asking you for personal data or passwords, such as for your bank account details, you should take all steps to check the true identity of the organisation.”

The Information Commissioner’s Office, which regulates data protection, has been notified of the breach, and the group is investigating the incident.

Related news

Show more

Related products

show more

2023-24 UK Hospitality Trends Report

2023-24 UK Hospitality Trends Report

Content provided by Reputation | 24-Nov-2023 | White Paper

Delve into the depths of the UK hospitality landscape with our exclusive 2023-24 Quick Take Report.

TheFork Guide To Unlocking New Revenue Streams

TheFork Guide To Unlocking New Revenue Streams

Content provided by TheFork | 20-Nov-2023 | White Paper

In the continually evolving and competitive landscape of the restaurant industry, attracting new guests is crucial for profitability and sustained growth.

Festive Season Success Unwrapped

Festive Season Success Unwrapped

Content provided by ResDiary | 17-Aug-2023 | White Paper

8 in 10 restaurants agree that the festive season is a busier time, but a similar proportion (79%) state they still want to be busier.

Related suppliers

Follow us

Hospitality Guides

View more

Generation Next