Morrisons has been hit by an employee data theft from its staff payroll system which affects “all levels” of the organisation.
The grocer shared the news on its official Facebook page and staff names, addresses and bank account details are believed to be affected.
The news comes on the same day as the supermarket was hit by a profit warning and announced huge losses. It said it was currently “working with Experian and the major banks” to provide full support and assistance to “all affected colleagues”.
It said in a statement: “We are extremely sorry to inform you that there has been a theft of colleagues’ personal information, which was uploaded onto a website. As soon as we became aware of this last night we took immediate steps to ensure the data was removed from the website. It was closed down within hours of us being notified.” It has set up a dedicated email address and is in the process of setting up a help line for cases.
Morrisons said that CEO Dalton Philips was “leading the response.”
Paul Kenyon, co-founder and EVP of global sales at Avecto commented: “It appears Morrisons has been the subject of a insider attack. Organisations can invest a huge amount protecting their networks and data from outside attacks, but those defences mean little against a rogue employee with an agenda, or even an unintentional error.”