Wetherspoon customers’ details stolen
JD Wetherspoon said in a statement the card details of 100 people were compromised in a website breach in June, along with 650,000 customers’ names, dates of birth, email addresses and phone numbers.
The pub chain’s CEO John Hutson warned customers to be “vigilant” when checking their emails. He wrote: “We have taken all necessary measures to make our website secure again following this attack. A forensic investigation into the breach in continuing.
“In this instance, we recommend that you remain vigilant for any emails that you are not expecting, that specifically ask you for personal or financial information, or request you to click on links or download information.”
The chain told the BBC only the last four digits of the cards were taken, and said the security numbers on the reverse of the cards had not been stolen.
It said: “These credit or debit card details cannot be used on their own for fraudulent purposes, because the first 12 digits and the security number on the reverse of the card were not stored on the database.”
The company said it received information on 1 December that the information may have been hacked, prompting an “urgent investigation by cyber security specialists”.
It was then confirmed that its old website, which has since been replaced, had been hacked between 15 June and 17 June this year.
Mr Hutson said: “Unfortunately, hacking is becoming more and more sophisticated and widespread. We are determined to respond to this by increasing our efforts and investment in security and will be doing everything possible to prevent a recurrence.”