The Works forced to close stores amid cyber security incident

The Works has confirmed it has been victim to a cyber security incident involving unauthorised access to its computer systems, which led to several temporary store closures.

The retailer said the incident caused “some limited disruption” to trading and business operations, including the closure of some stores due to till issues. Replenishment deliveries to its stores were also suspended temporarily and the normal delivery window for online orders was extended.

Store deliveries are expected to resume “imminently” however, and the group said the normal online service levels are “progressively being reintroduced”. It added that it does not currently “anticipate that this incident will have a material adverse impact on its forecasts or financial position”.

It said: “Customers can continue to shop safely at The Works, both in store and online. All debit and credit card payment data are processed securely outside the group’s systems, via accredited third-party networks and, therefore, there is no risk that this payment data has been accessed improperly.”

Since being alerted to the incident by its security firewall, The Works has taken several actions to protect the business and customers:

•   As a precautionary measure, it disabled all internal and external access to its systems, including email, whilst it worked with its advisors to evaluate and rectify the situation
•   External forensic cyber security experts have been appointed whose investigations and recovery work are ongoing
•   To protect customers and the business, it has made some immediate protective changes to further strengthen its security position
•   Whilst payment data has not been compromised, it has not yet been possible to establish the full extent to which any other data may have been affected and therefore, as a precautionary measure, it has informed the Information Commissioner’s Office