Funky Pigeon Halts Online Orders After Cyberattack

Funky Pigeon has suspended online orders after it suffered a cyberattack last week, and is still assessing how much damage has been caused.

The online greeting card company made no public statement about the security breach on either its website or official Twitter account as of 2pm Tuesday, but according to the Guardian newspaper, it is writing to all customers over the past 12 months to inform them of the hack.

The WH Smith-owned company however said that no payment data was at risk and it did not believe account passwords had been affected.

Funky pigeon hack

WH Smith itself in 2015 suffered a serious privacy mishap, after a misconfigured web page triggered a mass email to its entire mailing list.

But now it subsidiary unit has suffered an actual cyberattack, and is not taking any more online orders.

“As soon as we discovered the incident last Thursday, we launched a forensic investigation led by external experts to understand the incident and whether there has been any impact on customer data,” the Guardian quoted Funky Pigeon as saying in a statement.

“We are currently investigating the extent to which any personal data – specifically names, addresses, email addresses and personalised card and gift designs – has been accessed,” it reportedly said.

“We take the security of customer data extremely seriously and we have temporarily suspended any new orders via the website.”

Funky Pigeon has reportedly informed the Information Commissioners Office (ICO) and law enforcement about the breach.

“We would like to sincerely apologise to our customers for any concern or disruption this may cause, and reassure them that our teams are working around the clock to investigate and resolve this incident,” the company was quoted by the Guardian as saying.

“As our investigation progresses, we will provide further updates to customers and other affected parties as necessary.”

The Guardian pointed out that the Funky Pigeon hack comes two weeks after another UK retailer, The Works, was forced to shut some of its stores and halt stock deliveries to its shops after a cyber-attack.

Future risk

One security expert noted that while payment and password data has apparently not been compromised, there is a still a risk for customers going forward as other data such as names, email and addresses can be exploited.

“The cyberattack on Funky Pigeon is another example of the widespread impact cyberattacks can have on both businesses and customers. WH Smith confirmed that the attack on its greeting card subsidiary ahead of the Easter weekend had potentially put personal data at risk, and forced them to temporarily suspend orders on their website,” noted Justin Vaughan-Brown, VP of strategic communications at AI cybersecurity specialist Deep Instinct.

“Although Funky Pigeon has confirmed that they believe no customer payment data is at risk, personal data such as names, addresses and emails may have been accessed,” said Vaughan-Brown. “Unfortunately, stolen data usually ends up being sold on the dark web and can be used to commit further crimes such as fraud. It is an awful position for both the business and customers to be in- not knowing who has access to their personal data, and ultimately, what they could be using it for.”

“When organisations are breached by a cyberattack, security teams are under immense pressure to get their IT services back up and running as soon as possible, knowing that every minute offline is harming the business,” said Vaughan-Brown.

“On top of this stress, security teams have the constant fear of threat actors returning to the network to cause further harm, with a second attack potentially causing lasting and irreversible damage,” said Vaughan-Brown. “Organisations must, therefore, invest in security solutions that are proactive and preventative, rather than reactive, to ensure that cyberattacks are stopped before they damage an organisation’s network. ”

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

2 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

2 hours ago

Dutch PM Raises Cyber Espionage Case With China’s Xi

Beijing visit sees Dutch Prime Minister Mark Rutte discuss cyber espionage incident with Chinese President…

3 hours ago

Vodafone Germany Confirms 2,000 Job Losses, Amid European Restructuring

More downsizing at Vodafone after German operation announces 2,000 jobs will be axed, as automation…

19 hours ago

AI Poses ‘Jobs Apocalypse’, Warns Report

IPPR report warns AI could remove almost 8 million jobs in the United Kingdom, with…

20 hours ago

Europe’s Longest Hyperloop Test Track Opens

European Hyperloop Center in the Netherlands seeks to advance futuristic transport technology, despite US setbacks

21 hours ago