The Works forced to shut some shops after cyber-attack

  • Published
Woman walks in front of The Works storeImage source, Getty Images

The Works has been forced to shut shops temporarily and suspend new stock deliveries after a cyber-attack.

The retailer said five of its 526 shops have been closed since last week after hackers gained access to its computer systems and caused issues with its tills.

Customers are experiencing longer delivery times for online orders as a result.

The company said that no shoppers' payment details had been compromised.

In a statement, The Works said: "Customers can continue to shop safely at The Works, both in store and online."

It pointed out that all debit and credit card payments are processed outside of its own systems, although it is still working out whether or not customers' personal data may have been affected.

The toys and crafts shop said that it made "immediate changes to further strengthen its security position", as well as taking on cyber security experts who are investigating the attack.

It was made aware of the hack last week, which has been described as a "ransomware" attack, although the hackers are understood not to have made any demands for cash.

The firm disabled all access to its systems, including email, as a precautionary measure once it found out.

It is working to reopen the five shops as soon as it can, while store deliveries are expected to resume "imminently", according to its statement.

It also said that normal online deliveries would be reintroduced gradually, and that it did not expect the attack to have a severe impact on its forecasts for sales or its financial position this year.

The Works said it had told the Information Commissioner's Office (ICO) about the attack. The ICO can enforce fines in cases of serious data breaches.

In February, shops were warned that deliveries of nuts and crisps could be affected after KP Snacks was hit by a ransomware attack. The producer of McCoys and Hula Hoops apologised after it said the problems could last into March.

Cyber security expert Simon Edwards suggested that this recent attack on The Works should serve as an example to other companies.

"Since hostilities started in Ukraine there has been a massive increase in cyber attacks targeting all industry sectors. Although we are yet to know more from the company itself, typically these attacks start with a malicious email sent to an employee," he pointed out.

He added that hackers may have used "wiper" malware in this instance, which effectively destroys the systems it targets.

He also recommended that staff should carry out training to highlight the risk of clicking on links in emails.