The parent company of popular coffee barista chain Costa Coffee has suffered a data breach resulting in leak of employee details.
A new disclosure has revealed a data breach impacting one of the UK’s biggest hospitality firms Whitbread wherein the details of an online recruitment system has leaked the names, email addresses, phone numbers, physical addresses and other employee information exposed.
Run by Aussie recruitment software company PageUp, the online recruitment system breach could also impact prospective employees who have applied for jobs with PageUp’s clients including people those applicants had listed as employment references.
According to PageUp, the breadth of data exposed could include:
- Names
- Genders
- Dates of birth
- Nationalities
- Email addresses
- Physical addresses
- Telephone numbers
- Employment information
“For those employees who currently or previously had access to a client’s PageUp instance, current password data is protected using the robust password hashing algorithm, bcrypt, which includes salts, and therefore is considered to be of very low risk to individuals,” the company said, nudging employees to change their passwords. “Password data for applicants was protected using industry best practice techniques, including hashing and salting and therefore evaluated as a very low risk.”
The company said it had “retained one of Australia’s leading cybersecurity firms” to conduct a forensic analysis while insisting that the incident had since been contained.
“Importantly, we are confident that the most critical data categories including resumes, financial information, Australian tax file numbers, employee performance reports and employment contracts are not affected in this incident,” PageUp added.
Still, there’s no getting away from the fact that the company was hacked in a breach that encompasses the HR software maker’s clientele including Costa Coffee, Premier Inn, Brewers Fayre and other UK-based hospitality chains.
Image credit: Pexels.
