Dentsu's Merkle hit by data breach; employee and client information at risk
While Dentsu confirmed that systems have been fully restored and its Japan-based network was not affected, the incident comes at a sensitive time as the holding company is already exploring potential sales of parts of its international creative and media operations.
ADVERTISEMENT
Japanese advertising powerhouse Dentsu has revealed a data breach at its data-driven marketing arm, Merkle, after detecting "unusual activity" on the network. The incident, first identified on October 27, primarily affects Merkle as a trading division of Dentsu UK Limited, potentially exposing sensitive personal and financial information belonging to current and former employees, and, in some cases, clients and suppliers.
An internal review confirmed that certain files were exfiltrated from Merkle's systems. The stolen data includes highly sensitive employee details such as bank and payroll information, salary data, National Insurance numbers, and personal contact information.
Dentsu's swift response involved immediately isolating affected servers, activating its breach protocol, and engaging a specialist external cybersecurity firm. The company has notified law enforcement, the UK Information Commissioner’s Office (ICO), and the National Cyber Security Centre (NCSC).
The advertising giant is now directly notifying all current and former UK employees who may be impacted, offering a complimentary one-year subscription to Experian Identity Plus for credit monitoring and dark web surveillance as a precaution.
While Dentsu confirmed that systems have been fully restored and its Japan-based network was not affected, the incident comes at a sensitive time as the holding company is already exploring potential sales of parts of its international creative and media operations.
The company is urging all potentially affected individuals to remain highly vigilant against suspicious financial activity and social engineering attempts, acknowledging the risk of the exposed data being used to commit fraud. Currently, no ransomware group has claimed responsibility, and Dentsu has stated there is no evidence that the stolen files have been leaked publicly.
