Particle.news
Download on the App Store
16 ARTICLES
·
last mo.

M&S Confirms Customer Data Breach Following Prolonged Cyberattack

The retailer reveals personal data was accessed but assures customers payment details and passwords remain secure.

Image
A Marks and Spencer (M&S) logo is seen on the outside of a store in Cheshire, Britain August 18, 2020. REUTERS/Jason Cairnduff/File Photo
Image
Image

Overview

  • M&S disclosed that hackers accessed customer data, including names, addresses, and phone numbers, but no payment or password information was compromised.
  • The cyberattack, attributed to the DragonForce group, has disrupted M&S's online operations since April 25, with no timeline yet for service restoration.
  • Co-op confirmed data from 20 million members was extracted, though it only included names and contact details, not financial information.
  • M&S has urged customers to reset their account passwords for added security and shared guidance on staying safe online.
  • The UK government and regulatory bodies, including the NCSC and ICO, are investigating the attacks and have announced increased cybersecurity investments.