Pub operator JD Wetherspoon has written to customers to warn them that some of their personal data may have been breached following a data hack.
According to the company, it was alerted on December 1 that an illegal third party had accessed its old website. It has now instructed a leading cyber security specialist to conduct a full forensic investigation into the breach.
Wetherspoon alerted customers to the situation by email, advising that no financial data or passwords were breached in the hack. However, around 100 customers who purchased Wetherspoon vouchers online before August 2014 may have had limited credit and debit card data accessed, including the last four digits of the card.
Wetherspoon chief executive John Hutson said: 'We apologise wholeheartedly to customers and staff who have been affected. Unfortunately, hacking is becoming more and more sophisticated and widespread. We are determined to respond to this by increasing our efforts and investment in security and will be doing everything possible to prevent a recurrence.
'We cannot confirm whether any of your personal data was included in this breach. However, I wanted to make you aware immediately and apologise on behalf of the company.'
The information was obtained from its old website, which has been replaced in its entirety. The company’s current website is managed by a new digital partner, which has no connection to the website that was the subject of the breach of security.