Overview

• Marks & Spencer has confirmed a cyberattack in late April resulted in the theft of customer contact details, dates of birth, and order histories.
• The company reassures customers that no payment information or account passwords were compromised in the breach.
• Customers are being warned about potential phishing scams and advised to reset their passwords during their next account login.
• Cybersecurity experts caution that the stolen data could be exploited for targeted social engineering attacks or sold on the dark web.
• Marks & Spencer continues to work with law enforcement and cybersecurity specialists to investigate and mitigate the incident.