Dentsu warns staff of data breach after Merkle hit by cyber 'security incident'

Former and current staff at Dentsu and "some clients" have had their information taken following a “security incident” within Merkle’s network. 

In an email seen by Campaign, Dentsu explained that files were taken from Merkle’s network, which contained “names and other information”. 

The company added that the investigation was "ongoing" but anticipated that this information included bank and payroll details, salary, National Insurance number, and personal contact details of those affected.

The email further explained that Dentsu has informed law enforcement and launched an investigation with assistance from a cybersecurity firm, and encouraged employees to monitor their financial statements, also offering them a year’s subscription to a credit and dark-web monitoring service through Experian Identity Plus.

When approached by Campaign, a Dentsu spokesperson declined to comment on how many people and which locations were hit, but it has affected "some clients, suppliers, and current and former employees".

"We identified unusual activity on a portion of Merkle’s network," Dentsu said in a statement. "Upon discovery, we immediately took action to respond by initiating our incident response protocols, taking some of our systems offline, out of precaution, and taking other steps to contain the activity. Third-party cyber incident response firms that have helped other companies in similar situations were engaged to assist, and law enforcement has been notified. We have brought systems back online and we are fully operational.  

"The investigation identified that certain files were taken from Merkle’s network. A review of those files determined that they contained information relating to some clients, suppliers, and current and former employees. Although our investigation remains ongoing, we have begun the notification process in accordance with applicable law."

The breach comes amid speculation over Dentsu's future, after the Japanese-owned network appointed bankers to sound out buyers for its international creative and media business. 

François Laroze, the chief financial officer and chief operating officer of Havas, said on the network's Q3 earnings call that they "certainly would consider” a discussion with Dentsu and added that they could be interested in "part of it or in a partnership with some of the agencies of the network".

Last year, former WPP chief executive Mark Read was the target of a deepfake scam, with fraudsters impersonating Read to solicit money and personal details from another senior executive at the network.