Marks & Spencer Confirms Customer Data Breach in Recent Cyber Attack

British retail giant Marks & Spencer has officially confirmed that customer personal data was compromised during a cyber attack that began three weeks ago.

The retailer revealed that the breach affects potentially millions of customers whose information has been stolen, though payment card details remain secure.

The company is still struggling to restore its online shopping services, which have been suspended since April 25th, and is now implementing additional security measures while working with cybersecurity experts to contain the incident’s impact.

M&S disclosed that the stolen information could include customers’ names, dates of birth, telephone numbers, home addresses, household information, email addresses, and online order histories.

In a statement addressing concerned customers, Chief Executive Stuart Machin emphasized that “Importantly, there is no evidence that the information has been shared.”

The company has assured customers that no useable payment card details or account passwords were compromised in the breach, as M&S does not store complete card payment information on its systems.

According to its latest financial report, M&S has approximately 9.4 million active online customers who may have been affected by this security breach, though the exact number of impacted individuals has not been specified.

Technical Attack Analysis

Cybersecurity experts have attributed the attack to hackers utilizing DragonForce, a darknet-based cybercrime-as-a-service platform recently linked to similar attacks on Co-op and Harrods.

The technical modus operandi involves a sophisticated “double extortion” method where attackers both exfiltrate sensitive data and encrypt company systems, creating dual leverage for ransom demands.

Matt Hull, head of threat intelligence at NCC Group, noted that this type of attack is particularly dangerous because stolen personal information can be used to “craft very convincing scams” targeting affected customers.

The three-week duration of service disruption indicates the severity of the system compromise, with the retailer’s online ordering capability remaining offline despite restoration of in-store services and contactless payment functionality.

Security Response and Protective Measures

In response to the breach, M&S has initiated multiple security protocols, including notifying relevant authorities and engaging cybersecurity specialists to monitor for any potential data misuse.

The company is contacting all website users via email and will prompt customers to reset their account passwords “for extra peace of mind,” although they stated this step is precautionary rather than mandatory.

Security experts recommend customers remain vigilant against potential phishing attempts exploiting this incident.

Lisa Barber, tech editor at consumer advocacy group Which?, advised: “It’s always a good idea to change your password as soon as possible if there’s been a security breach and to ensure your new password is unique from any other online accounts”.

M&S has warned customers to be cautious of suspicious communications claiming to be from the retailer, emphasizing they will never request personal account credentials like usernames or passwords.

The incident represents what retail analyst Catherine Shuttleworth describes as a “further blow for M&S,” potentially impacting consumer confidence in one of Britain’s most trusted brands.
