LONDON (Reuters) - British pub chain JD Wetherspoon has been hit by a cyber attack which leaked the names, email addresses and birthdates of 650,000 customers as well as some of the credit and debit card details for 100 buyers of its gift vouchers, it said on Friday.
Wetherspoon, which operates around 900 pubs, said the attack on its database occurred in June but had only just been discovered, and mainly affected customers who had purchased vouchers online or signed up to the company newsletter.
It said no complete card numbers were recorded and as a result the data could not be used for fraudulent purposes.
Cyber security has become an increasing concern for companies in Britain and worldwide following a string of high-profile attacks on customer databases in recent weeks.
British telecoms company TalkTalk was hit in October, with the personal details of 157,000 customers stolen from its database via its website, while earlier this week Hong Kong-based digital toy maker VTech Holdings said data on 6.4 million children across multiple markets had been accessed by hackers.
Wetherspoon said the information had been obtained from its old website, which has since been replaced by a new, unconnected site.
“We apologize wholeheartedly to customers and staff who have been affected,” said Chief Executive John Hutson.
“Unfortunately, hacking is becoming more and more sophisticated and widespread. We are determined to respond to this by increasing our efforts and investment in security and will be doing everything possible to prevent a recurrence.”
Shares in Wetherspoon reversed earlier losses on Friday to trade up 1.43 percent at 745 pence by 1024 GMT (0524 EDT) to value the company at 879 million pounds ($1.3 billion).
The company said some personal information from its staff had also been stolen, but not salary, bank, tax or National Insurance numbers.
($1 = 0.6615 pounds)
Editing by Paul Sandle and Greg Mahlich