Currently Empty: ₹0.00
News
M&S cyber-attack linked to hacking group Scattered Spider
British retailer Marks and Spencer (MKS.L), opens new tab said on Tuesday some personal customer information was taken in the cyber attack that has crippled its online operation for more than three weeks.
“Importantly, the data does not include useable payment or card details, which we do not hold on our systems, and it does not include any account passwords,” M&S said in its statement. “There is no evidence that this data has been shared.”
Advising customers there was no need to take any action, the company said work was continuing to get operations back to normal. It said it had taken steps to protect is systems, while working with cybersecurity experts, law enforcement and government agencies.
A major cyber-attack on Marks & Spencer has been linked to a hacking collective known as Scattered Spider, which is previously thought to have hit MGM Resorts and the US casino operator Caesars.
The group, which has previously been found to include people in their 20s from the UK and the US – some of whom faced charges over attempts to steal cryptocurrency via phishing attacks in the US – are reported to have encrypted key M&S systems using ransomware, according to the technology specialist site BleepingComputer.
The reports emerged as online sales at M&S – which account for an average £3.8m a day – were suspended for a fifth day.
The disruption caused by the hack – and uncertainty over when it will end – has wiped more than £500m off the stock market value of M&S in the past week as experts said it had clearly suffered a cyber-attack on a huge scale.
Industry insiders said it was rumoured that the attack had originated at one of M&S’s service suppliers and it was not clear if the company had been directly targeted.
M&S said: “As you would expect, we cannot share the details of this cyber incident.”
