CyberSecurity news

FlagThis

ross.kelly@futurenet.com (Ross@Latest from ITPro in News //
Marks & Spencer (M&S), a major British retailer, has confirmed that it is currently managing a cybersecurity incident. This confirmation follows several days of reported service disruptions affecting store operations and customer experiences. The company issued a statement acknowledging the incident and apologized to customers for any inconvenience caused. M&S has implemented operational changes to protect the business and its customers during this time.

Customer impact includes disruptions to contactless payments, online orders, and the Click & Collect service. Some customers reported issues as far back as Saturday through social media platform X, ranging from returns being unavailable to Click & Collect orders being delayed or unavailable. While M&S stated that stores remain open, the website and app are operating normally, and contactless payments are working again, the company is working hard to resolve the remaining technical issues. M&S claims it serves 32 million customers every year.

In response to the cyber incident, Marks & Spencer has engaged external cybersecurity experts to investigate the matter and strengthen its network security. The company has also notified the Information Commissioner's Office (ICO) and the National Cyber Security Centre (NCSC). While the exact nature of the cyberattack and the extent of any potential data breach have not been fully disclosed, M&S has assured customers that it is taking the situation seriously and will provide updates as appropriate. Customer trust is incredibly important to the company and if the situation changes an update will be provided as appropriate.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • CyberInsider: Marks & Spencer (M&S) has confirmed it is responding to a cybersecurity incident that has caused disruptions across its UK retail operations, including outages in payment systems and delays in store services such as order pick-ups and click-and-collect.
  • techcrunch.com: The company said it was necessary to make operational changes to protect the business.
  • www.itpro.com: Retail giant Marks & Spencer (M&S) has revealed it has been dealing with a “cyber incident†in recent days and apologized to customers amid disruption complaints.
  • The Register - Security: Retailer tight-lipped on details as digital hiccup disrupts customer orders UK high street mainstay Marks & Spencer told the London Stock Exchange this afternoon it has been managing a "cyber incident" for "the past few days."…
  • cyberinsider.com: Marks & Spencer (M&S) has confirmed it is responding to a cybersecurity incident that has caused disruptions across its UK retail operations, including outages in payment systems and delays in store services such as order pick-ups and click-and-collect.
  • Zack Whittaker: New, by me: Marks & Spencer has confirmed a cyber incident, as customers report disruption and outages. The U.K.-headquartered retail giant said it made operational changes to "protect" the business, and has notified data protection authorities.
  • The DefendOps Diaries: The Defend Ops Diaries article on Marks & Spencer Cyberattack: A Wake-Up Call for Retail Cybersecurity
  • securityaffairs.com: Marks & Spencer (M&S) is managing a cyber incident
  • techcrunch.com: TechCrunch article on Marks & Spencer confirms cybersecurity incident amid ongoing disruption
  • BleepingComputer: Marks & Spencer confirms a cyberattack as customers face delayed orders
  • ComputerWeekly.com: Cyber attack downs systems at Marks & Spencer
  • www.cybersecurity-insiders.com: Mark & Spencer hit by Cyber Attack on Easter
  • hackread.com: M&S Cyberattack Disrupts Contactless Payments and Click & Collect Services
  • www.scworld.com: Marks & Spencer disrupted by cyberattack
  • thecyberexpress.com: UK retail giant Marks & Spencer has confirmed it is managing a cybersecurity incident, following several days of service disruption that affected store operations and customer experiences.
  • Tech Monitor: Marks & Spencer hit by cyberattack, services disrupted
  • The Record: In a statement filed to London’s stock exchange on Tuesday afternoon, retailer Marks & Spencer said it made “some minor, temporary changes to our store operations†as soon as it became aware of the incident.
  • bsky.app: Marks & Spencer (M&S) has disclosed that it is responding to a cyberattack over the past few days that has impacted operations, including its Click and Collect service. https://www.bleepingcomputer.com/news/security/marks-spencer-confirms-a-cyberattack-as-customers-face-delayed-orders/
  • hackread.com: Marks & Spencer (M&S) cyberattack disrupts contactless payments and Click & Collect; investigation launched as retailer apologises and…
  • techinformed.com: TechInformed report on M&S cyber attack impacting click and collect.
  • www.cybersecurity-insiders.com: Mark & Spencer hit by Cyber Attack on Easter
  • TechInformed: M&S cyber attack impacts click and collect and contactless payments
  • The Register - Security: M&S takes systems offline as 'cyber incident' lingers
  • ComputerWeekly.com: M&S systems remain offline days after cyber incident
  • BleepingComputer: Marks & Spencer pauses online orders after cyberattack
  • The Register - Security: M&S suspends all online orders as 'cyber incident' issues worsen
  • bsky.app: M&S stops online orders following cyber attack. Fall-out from this cyber attack is getting worse not better 4 days after customers were alerted to an attack.
  • bsky.app: Bsky social network post about Marks & Spencer pausing online sales after cyberattack
  • ComputerWeekly.com: M&S systems remain offline days after cyber incident
  • www.itpro.com: M&S suspends online sales as 'cyber incident' continues
  • cyberinsider.com: Marks & Spencer Suspends Online Orders Amid Ongoing Cyber Incident
  • The DefendOps Diaries: Marks & Spencer Cyberattack: Operational Disruptions and Strategic Responses
  • CyberInsider: Marks & Spencer Suspends Online Orders Amid Ongoing Cyber Incident
  • bsky.app: Marks & Spencer has paused online orders for customers.
  • go.theregister.com: One step forward and one step back as earlier hopes of progress dashed by latest update Marks & Spencer has paused online orders for customers via its website and app as the UK retailer continues to wrestle with an ongoing "cyber incident."
  • Check Point Research: For the latest discoveries in cyber research for the week of 28th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES British retailer Marks & Spencer (M&S) experienced a cyber-attack that caused disruptions to its online order system and in-store contactless payments.
  • www.bleepingcomputer.com: Marks & Spencer pauses online orders after cyberattack
  • bsky.app: Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by a hacking collective known as "Scattered Spider"
  • BleepingComputer: Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by a hacking collective known as "Scattered Spider" BleepingComputer has learned from multiple sources.
  • BleepingComputer: Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by a hacking collective known as "Scattered Spider"
  • www.bleepingcomputer.com: Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by a hacking collective known as Scattered Spider BleepingComputer has learned from multiple sources.
  • Help Net Security: The “cyber incident†that British multinational retailer Marks & Spencer has been struggling with for over a week is a ransomware attack, multiple sources have asserted.
  • DataBreaches.Net: Multiple sources inform them that the outages at UK retail giant Marks & Spencer are the result of a ransomware attack by the group known as Scattered Spider.
  • bsky.app: Cyber security website @bleepingcomputer.com now reporting that the M&S hackers could be from Scattered Spider. This infamous hacking crew is behind a string of attacks in the last 2 years and its members include English-speaking teenagers. https://www.bleepingcomputer.com/news/security/marks-and-spencer-breach-linked-to-scattered-spider-ransomware-attack/
  • ComputerWeekly.com: The infamous Scattered Spider hacking collective may have been behind the ongoing cyber attack on Marks and Spencer.
  • hackread.com: The cyberattack on Marks & Spencer (M&S) is linked to the notorious Scattered Spider group. Explore the severe…
  • Tech Monitor: Cyber incident at Marks & Spencer suspected to involve Scattered Spider hackers
Classification:
  • HashTags: #cyberattack #DataBreach #retail
  • Company: Marks & Spencer
  • Target: Marks & Spencer
  • Product: Retail Services
  • Feature: Service Disruption
  • Type: Hack
  • Severity: Medium