Particle.news

Download on the App Store

Marks & Spencer Cyber Attack Disruptions Expected to Extend Into July

The retailer faces £300 million in losses after hackers exploited social engineering to breach systems, steal customer data, and cripple online operations.

Overview

  • Marks & Spencer's online ordering remains suspended, with phased recovery anticipated through July, following a ransomware attack over Easter weekend.
  • Hackers accessed M&S systems via a third-party using social engineering tactics, bypassing digital defenses due to human error.
  • The attack, attributed to the Scattered Spider hacking group, resulted in stolen customer data including names, email addresses, and physical addresses, though payment details and passwords were not compromised.
  • The breach disrupted logistics and distribution systems, causing empty shelves in stores and significant operational challenges.
  • Law enforcement and cybersecurity experts continue to investigate Scattered Spider, while M&S accelerates cybersecurity upgrades to prevent future incidents.