A cyber-attack at a UK floor covering distributor has resulted in the exposure of some data, the company confirmed today (November 24).
Headlam Group, based in Birmingham and with operations across Europe, announced it had suffered a security incident when an unauthorized user gained access to its computer systems.
“Certain back office systems were affected, including the email system which has now been restored,” according to Headlam Group.
The system containing customer and supplier information was not accessed and the breach has had “minimal impact on operations”, it added.
Laying blame
In a statement posted online, the firm blamed a “well-known organization” for the attack, but stopped short of identifying the suspect.
The notice read: “External forensic cybersecurity experts have been appointed whose investigations are ongoing.
“The incident perpetrator is a well-known newer organization which has carried out multiple such incidents recently.”
Headlam Group said there is “evidence of extraction of a small amount of data”. It has informed both the UK’s Information Commissioner’s Office and law enforcement.
The Daily Swig has reached out for further clarification and comment, and will update this article accordingly.
Another blow
The announcement comes as Headlam Group continues to recover from coronavirus-related economic headwinds.
In a trading update on November 19, the floor coverings distributor said revenue for the four months to October 31 was down 1.2% on the prior-year period.
“Following the Q2 2020 performance which was significantly impacted by Covid-19, trading to-date in the second half has seen a strong and sustained recovery to 2019 levels,” the company said.
“Given this sustained recovery in performance and management’s continued focus on costs, the company now expects to report underlying profit before tax for the year materially ahead of current market expectations of a breakeven performance.”
Source: https://portswigger.net/daily-swig/data-breach-at-uk-flooring-firm-headlam-group-after-company-suffers-cyber-attack