Internal human resources data held by hairdresser chain Peter Mark has been “compromised” in a cyber attack on the business, the group confirmed in a statement on Thursday.
While it said the attack had not affected its customer payments system or the operation of its salons, the group said it is currently liaising with gardaí from the National Cyber Security Centre to assess what information has been affected.
“The nature and extent of this breach remains under investigation, including what exact data on our systems has been affected,” it said.
[ Irish businesses fear online attacks, but few plan cybersecurity investmentOpens in new window ]
“However, initial results of the investigation indicate that some human resources data has been compromised. It is not clear yet what other data was part of this breach and we are continuing to investigate this matter. There is no evidence that any personal data has been leaked on the dark web but we are continuing to monitor this.”
The Peter Mark group, which generated revenues of more than €33 million in 2021 according to accounts filed earlier this year, said that the initial investigation found evidence that an “unauthorised third party illegally gained access to certain information stored on our internal office IT system”.
The company said: “Following our detection of this issue, steps were taken to intercept and manage it. We have engaged highly specialised services to assist us with the investigation and help resolve the incident.”
The chain has reminded its customers not to disclose any personal data in response unsolicited calls or communications from entities or individuals purporting to be a Peter Mark salon.
“Please remember, we will never ask you for card details when making an appointment at Peter Mark, either by telephone or via our online booking system,” it said.
The group said it would provide further updates to relevant authorities and affected individuals in line with its data protection obligations.