United Kingdom’s fourth largest supermarket chain was today hacked by an insider who managed to steal all the personal and financial information about the Morrisons employees and posted it on a website. And Morrisons is a big employer with more than 100,000 employees. The Bradford Telegraph & Argus newspaper which first reported the news, said it had alerted Morrisons to the leak of data. The BTA also said the leak data contained the pay and bank account details of about 100,000 staff, from director level downwards.
Morrisons acknowledged the breach in a email to its employees. It also made a post of the same on its Facebook page three hours ago. “We are extremely sorry to inform you that there has been a theft of colleagues’ personal information, which was uploaded onto a website. As soon as we became aware of this last night we took immediate steps to ensure the data was removed from the website,”
The Bradford Telegraph & Argus newspaper which had alerted Morrisons about the breach said it had anonymously received a disc containing the information by a “concerned Morrisons shopper”.
Since the breach has happened from the top management level downwards, most of the staff will be effected by the leaks as the leak contains names, addresses, and bank account details.
Morrisons said that this act was “an illegal theft of data” and says that it is working with the police and cybercrime authorities to get to the bottom of it. It has also assured its employees they will be not be “financially disadvantaged” by the data theft.
“Our immediate priority is the security of your financial information. We are currently working with Experian and the major banks to ensure that we provide full support and assistance to all affected colleagues. This will include support and advice around protection of your bank account,” the company noted.
As of now the indications are that no customer information has been stolen because the security staff of Morrisons says there’s no evidence that this is an external attack. In the meantime, it has urged all it employees to get in touch with it at following email id to know more about this incident : data.advice (at) morrisonsplc.co.uk