M&S has shared an important update about a big cyber attack, revealing that customers’ information has been stolen.
The retail chain is still working hard to keep its stores up and running while dealing with the fallout.
A month has passed since the hackers first struck M&S.
In a statement shared on Instagram, M&S announced: “As we continue to manage the current cyber incident, we have written to customers today to let them know that unfortunately, some personal customer information has been taken.
“Importantly, there is no evidence that the information has been shared and it does not include useable card or payment details, or account passwords, so there is no need for customers to take any action.
“To give customers extra peace of mind, they will be prompted to reset their password the next time they visit or log on to their M&S account and we have shared information on how to stay safe online.
“Everyone at M&S is working around the clock to get things back to normal for our customers as quickly as possible, and we are very sorry for any inconvenience they have experienced. Our stores remain open as they have throughout.
“Thank you for shopping with us and for your continued support, we are incredibly grateful.”
M&S has been experiencing significant disruption following a cyber incident, affecting contactless payments, click-and-collect services, and online orders across the UK.
The problems began on Saturday, April 19, with customers unable to collect purchases or return items.
By Monday, April 21, M&S acknowledged the attack, apologised for the inconvenience, and engaged cybersecurity experts while notifying the National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO).
The criminals suspected to be behind the attack are known collectively as “Scattered Spider” – one of the most prolific cybergangs of the past 18 months.
The gang specialises in ransomware – a type of attack designed to steal information or access in exchange for a sum of money.
They have been gaining a reputation for targeting large, customer-facing organisations through social engineering and identity-focused tactics.
“While they are not as well-resourced as some nation-state actors or long-established ransomware syndicates, Scattered Spider is far from ‘small fry’,” Jamie Akhtar, CEO and Co-founder at CyberSmart, told The Sun.
“Scattered Spider, also tracked as UNC3944, has become one of the most active and disruptive threat actors in the last 18 months.
“This is a group known not for sheer technical sophistication, but for their ability to manipulate access, often by impersonating employees or exploiting multi-factor authentication systems.”
Their most high-profile hack was the attack on Caesars Entertainment and MGM Resorts in 2023, two of the largest casino and gambling companies in the US.
Despite M&S’ efforts to restore systems, disruptions continued throughout the week, forcing the retailer to make operational adjustments, including suspending online and app orders on Friday, April 24.
This decision led to a 5% drop in the company’s share price.
Shoppers have been reporting empty shelves in some stores, highlighting the ongoing fallout from the cyber attack.
Staple items including bananas, fish, and the iconic Colin the Caterpillar cakes have even become hard to find in some shops.
Meanwhile, M&S has been forced to temporarily suspend its meal deal offers in some of its smaller stores in transport hubs.
When questioned, staff suggested that the supply disruptions were connected to a cyber attack.
M&S has still yet to confirm the specific nature of the cyber breach.
Timeline of cyber attack
Saturday, April 19: Initial reports emerge on social media of problems with contactless payments and click-and-collect services at M&S stores across the UK. Customers experience difficulties collecting online purchases and returning items due to system issues.
Monday, April 21: Problems with contactless payments and click-and-collect persist. M&S officially acknowledges the “cyber incident” in a statement to the London Stock Exchange. CEO Stuart Machin apologises for the disruption and confirms “minor, temporary changes” to store operations. M&S notifies the National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO) and engages external cybersecurity experts.
Tuesday, April 22: Disruptions continue. M&S takes further systems offline as part of “proactive management”.
Wednesday, April 23: Despite earlier claims of customer-facing systems returning to normal, M&S continues to adjust operations to maintain security. Contactless payments are initially restored, but other services, including click-and-collect, remain affected.
Thursday, April 24: Contactless payments and click-and-collect services are still unavailable. Reports surface suggesting the attackers possibly gained access to data in February.
Friday, April 25: M&S suspends all online and app orders in the UK and Ireland for clothing and food, although customers can still browse products. This decision leads to a 5% drop in M&S’s share price.
Monday, April 28: M&S is still unable to process online orders. Around 200 agency workers at the main distribution centre are told to stay home.
Tuesday, April 29: Information suggests that the hacker group Scattered Spider is likely behind the attack. Shoppers spot empty shelves in selected stores.