Dentsu wishes to inform its current and former employees of its UK operations that it identified a data security incident linked to the network of Merkle, a trading division of Dentsu UK Limited which may involve some of their data.

What happened?

We detected unusual activity on servers in Merkle’s network.  We immediately implemented our incident response protocols, took steps to contain the activity, and launched an investigation.  A cybersecurity firm that has worked with other companies to address similar situations was engaged to assist.  Law enforcement was notified, and we notified the Information Commissioner’s Office (ICO) and National Cyber Security Centre (NCSC). 

What Information was involved?

The investigation identified that certain files were taken from Merkle’s network.  A review of those files determined that they contained information concerning current and former employees.  Our investigation is ongoing; however, at present we anticipate that the files include bank and payroll details, salary, National Insurance number, and personal contact details.

What is Dentsu doing in response?

We have sought to notify all of our current and former employees whose personal data was potentially involved and to assure all of them that we take this very seriously.  Dentsu has taken measures to prevent the public disclosure of the data.  We have notified those for whom we have current contact information directly.  In addition, we are offering all those whose information was potentially involved a complimentary membership to a dark-web monitoring service through Experian as detailed below.

What can individuals whose information was potentially involved do?

Because the information involved could be combined with information obtained from other sources or through phishing or social engineering to access your financial account or to commit identity fraud, we encourage all those potentially affected to remain vigilant at the present time by reviewing their financial account statements for any unauthorised activity. 

If you are contacted by anyone asking you for personal data or passwords, you should take all steps to check the true identity of the organisation before providing your information.  If you see charges or activity you did not authorise, please contact your bank, building society, or credit card provider immediately.  In addition, if you believe you are the victim of identity theft or your personal data has been misused, you should report the activity to the relevant authority in your country. 

We are not aware of any public disclosure of the files.

How is dentsu supporting current and former employees:

Out of an abundance of caution, we are offering those whose information was potentially involved a one-year membership to a credit and dark-web monitoring service through Experian Identity Plus at no cost.  If you are concerned that your data may have been involved in this incident please contact DataNotificationOfficeUK@dentsu.com.