Order now & we'll post it today
- 1st class, Express & Guaranteed Tracked options available. Click for more info
Search

Cyber Security Hub

News & Latest Updates

Cyber Security Update April 27, 2022

Cyber Security Incident

Dear Valuable Customers,

We want to thank you for your patience and understanding following our statement on 19 April 2022. We know that every time you shop with Funky Pigeon you put your trust in us, and that's why our team has been working around the clock to securely restore the website and app, and we're really pleased to let you know that the website is now live and ready to take new orders.

Regrettably, as part of the process to restore the website, we have had to take a number of actions which may impact existing orders that our customers have placed. These include:

  1. All previous orders or items placed in a customer's basket have been cleared or removed from the basket. We appreciate that this may cause inconvenience to some of our customers and we're really sorry to have to do this. The good news is that customers are now able to create new orders via the website.

  2. In the immediate term, newly placed card orders will only be available to be delivered direct to the recipient (and not back to sender). We are currently working on resolving this and expect to have our 'Back to sender' service back up and running very soon.

  3. We have had to cancel a number of orders to prevent letting our customers down with late deliveries due to our suspended service. We are writing to all affected customers to make them aware if they have been affected by this.

Your shopping experience is our top priority and we are really sorry to any customers who have been affected by this short-term disruption. We are committed to providing the best possible customer service and look forward to welcoming our customers back to the website.

Cyber Security Incident April 19, 2022

Cyber Security Incident

Funky Pigeon regrets to inform customers that it has been subject to a cyber security incident. We have taken our systems offline as a precaution, and we are currently unable to fulfil orders while we work to restore our services. We are also writing to all customers over the last 12 months to inform them of these issues.

As soon as we discovered the incident last Thursday, we launched a forensic investigation led by external experts to understand the incident and whether there has been any impact on customer data. No customer payment data, such as bank account or credit card details, has been placed at risk -all of this data is processed securely via accredited third-parties and is securely encrypted. We also do not believe any customer account passwords have been placed at risk.

We are currently investigating the extent to which any personal data, specifically names, addresses, e-mail addresses, telephone numbers and personalised card and gift designs has been accessed.

We take the security of customer data extremely seriously and we have temporarily suspended any new orders via the website. We have also informed the relevant regulators and law enforcement authorities, and we will continue to review and update our protocols based on what we learn from this incident.

We would like to sincerely apologise to our customers for any concern or disruption this may cause, and reassure them that our teams are working around the clock to investigate and resolve this incident. As our investigation progresses, we will provide further updates to customers and other affected parties as necessary.

Cyber Security Q&A

How do I know if my data has been impacted?

Firstly, our customers are our top priority and we recognise that every time you shop with us, you put your trust in Funky Pigeon. We would like to sincerely apologise for any concern or disruption this incident may have caused you.

We take the security of customer data extremely seriously and Funky Pigeon is already implementing measures to enhance our security and further protect your data.

We have no evidence that customer payment data, such as bank account or credit card details, has been placed at risk. The services impacted were not used to store customer financial card data. All of this data is processed securely via accredited third parties and is securely encrypted. We also do not believe any customer account passwords have been placed at risk.

We are nevertheless writing to all customers over the last 12 months to inform them of the incident.

We are also currently investigating the extent to which any other personal data, specifically names, addresses, e-mail addresses, telephone numbers and personalised card and gift designs has been accessed. Given the investigation is ongoing, we will provide further updates to customers as soon as possible, should there be a material change which directly impacts them.

If passwords and payment details are secure, why is the site down and why has it stopped taking orders?

We have taken our systems offline as a precaution, and we are currently unable to fulfil orders while we work to restore our services. While this effort is ongoing, we have temporarily suspended any new orders via the website.

The safety of our customers' data is our top priority, and we are working with external experts to verify every aspect of our infrastructure and operation to ensure that there is no further risk as we re-establish services in a safe and controlled manner.

We can confirm that the services impacted were not used to store customer financial card data. All of this data is processed securely via accredited third-parties and is securely encrypted. Therefore, we have no evidence that customer payment data, such as bank account or credit card details, has been placed at risk. We also do not believe any customer account passwords have been placed at risk.

We do hope this offers you some reassurance.

As a loyal customer, why haven't you notified me of this cyber security incident?

We take the security of customer data extremely seriously and we immediately launched a forensic investigation led by external experts to understand the incident and whether there has been any impact on customer data. These incidents are complex and resource intensive and any thorough investigation requires time to be comprehensive and accurate. We want to ensure that our customers are provided with accurate information.

We are writing to all customers over the last 12 months to inform them of the incident. We are still investigating to what extent any personal data, specifically names, addresses, e-mail addresses, telephone numbers and personalised card and gift designs has been accessed. As our investigation progresses, we will provide further updates to customers, as necessary, should there be a material change which directly impacts them.

We do hope this offers you some reassurance.

Why are customers still able to access the website?

The customer facing website was not affected by the cyber security incident. However, as soon as we discovered the incident, we isolated our other relevant systems and temporarily suspended any new orders via the website to protect our customers as a precaution while we work to restore our systems.

Our customers are our top priority and we deeply value our loyal customer base. We would like to sincerely apologise for any upset or disruption this may have caused.

We do hope this offers you some reassurance.

How can you reassure me that using your website is going to be safe in the future?

Our customers are our top priority and we deeply value our loyal customer base. We would like to sincerely apologise for any upset or disruption this situation may have caused.

Regrettably, all online businesses are at risk of being targeted by cyber criminals. We have processes in place to protect our customers' data and as soon as we discovered this incident we took immediate steps to address the issue. While the customer facing website was not affected by the incident, we took the quick decision to temporarily suspend any new orders to protect our customers as a precaution.

We know that every time you shop with Funky Pigeon you put your trust in us, and that's why we take the security of your data extremely seriously. Our teams have been working around the clock to investigate and resolve this incident. Funky Pigeon is already implementing measures to enhance our security and further protect your data.

We are working with external experts to verify every aspect of our infrastructure and operation to ensure that there is no further risk as we re-establish services in a safe and controlled manner.

As our investigation progresses, we will provide further updates to customers as soon as possible, should there be a material change which directly impacts them.

I ordered a photo card last week that didn't ever arrive. What has happened to it?

The customer facing website was not affected by the cyber security incident. However, as soon as we discovered the incident, we isolated our other relevant systems to protect our customers as a precaution while we work to restore our systems.

This unfortunately meant that we were unable to fulfil some recently placed orders. If you have been affected by this, you should have received a full refund. If you have not yet received a refund, please contact us to let us know.

We do hope this offers you some reassurance.

I would like to close my account - how can I do this?

Our customers are our top priority and we deeply value our loyal customer base. We would like to sincerely apologise for any upset or disruption this may have caused.

We know that every time you shop with Funky Pigeon you put your trust in us, and that's why we take the security of your data extremely seriously. Our teams have been working around the clock to investigate and resolve this incident. Funky Pigeon is already implementing measures to enhance our security and further protect your data.

We are sorry you feel the need to close your account with us. If you still wish to do so, you can do this by confirming the address stored on your account and we will be able to commence account closure. This can take up to 30 days to be completed.

If you would like to proceed with account closure please do let us know.

Cyber Security Help

I've noticed suspicious activity on my bank account - is this linked to the Funky Pigeon incident? How can I protect myself?

We are in the process of investigating the impact of the recent cyber security incident . This investigation is ongoing, but at present we have no evidence that customer payment data, such as bank account or credit card details, has been placed at risk. The services impacted were not used to store customer financial card data. All of this data is processed securely via accredited third parties and is securely encrypted.

We understand the concern this situation may have caused, and we take the security of our customers' data very seriously.

We are still investigating to what extent any personal data, specifically names, addresses, e-mail addresses, telephone numbers and personalised card and gift designs has been accessed. However, even if such data has been accessed, it does not of itself enable access to online banking, credit cards or other payment services. However, criminals can use this information to trick you into disclosing your confidential banking details which can then potentially be used by third parties in various ways to commit fraudulent scams.

Funky Pigeon is already implementing measures to enhance our security and further protect your data, but there are also best practice steps you can take to protect yourself.

As a precaution, we would encourage you to follow these recommended security steps:

  1. Be vigilant. Please be wary of suspicious activity, including suspicious emails, phone calls or text messages. Do not click on any suspicious links. Do not disclose personal information such as full passwords and PINs when asked to do so by anyone via phone, text message or email. For more information, please see the National Cyber Security Centre resources at https://ncsc.gov.uk/guidance/suspicious-email-actions.

  2. Report it. If you spot suspicious activity on your account, alert your bank or building society immediately. If have received an email which you're not quite sure about, please forward it to the Suspicious Email Reporting Service at report@phishing.gov.uk.

  3. Change your passwords. Regularly change and never share passwords with anyone else or across different services. For information on how to choose a secure password, please see guidance from the National Cyber Security Centre at https://www.ncsc.gov.uk/blog-post/three-random-words-or-thinkrandom-0

  4. Verify. Validate all requests for personal information and only provide it when there is a legitimate reason to do so.

  5. Manage your devices. Perform frequent anti-virus and malware scans on your personal devices and ensure that software is up to date.

  6. Follow guidance. Follow guidance about what to watch out for online. For more information, please see the National Cyber Security Centre resources at https://www.ncsc.gov.uk/guidance/data-breaches.

Regularly reviewing your credit report is a useful way of checking your credit data and guarding against identity theft and financial fraud.

Mastercard
Visa
Maestro
American Express
Paypal
Click to Pay
HSBC
Comodo Secured
McAfee Secure
LayBuy
Pay By Bank App
Pay By Bank App