M&S Reports Customer Data Theft in Cyber Attack

Marks & Spencer announced that their system experienced a cyber attack three weeks ago which exposed personal customer information including phone numbers addresses birth dates and order histories but payment details and passwords remained safe. The company continues its recovery process after suspending all online orders since April 25. M&S is prompting password resets and warning against fraudulent communications. Stuart Machin as CEO stated that no evidence exists to show the stolen data has been distributed but hackers could potentially sell it which would lead to identity fraud risks. The DragonForce cybercrime group conducted the attack which simultaneously targeted Co-op and Harrods through a double extortion method by stealing and encrypting data to demand payment. M&S immediately notified authorities about the breach while collaborating with cybersecurity specialists. The Which? organization’s Lisa Barber advises users to change their passwords right away while NCC Group’s Matt Hull cautions about realistic scams that use stolen information. The system disruption started during Easter when it affected both Click & Collect services and contactless payment capabilities. The company has restored its in-store operations but maintains an ongoing suspension of its online services without any announced return date. The breach reveals weaknesses in retail cybersecurity systems because of increasing darknet threats despite M&S’s efforts to reduce potential risks.