CyberSecurity news
FlagThis
Zack Whittaker@techcrunch.com
//
Marks & Spencer (M&S) has confirmed it is currently dealing with a cybersecurity incident that has caused disruption to its UK retail operations. The retail giant said it has been managing this incident for the past few days, leading to operational changes aimed at protecting customers and the business. These changes have resulted in some disruption, including outages in payment systems and delays in store services such as order pick-ups and click-and-collect. The company has apologized to customers for any inconvenience experienced due to the disruptions.
M&S said that despite the ongoing cyber incident, its stores remain open, and its website and app are operating normally. It is working diligently to resolve technical issues and address delays affecting customer orders. In response to customer queries on social media platforms like X, Marks & Spencer acknowledged working to resolve technical issues in its stores. The company is also collaborating with external cybersecurity experts to investigate the incident and has notified data protection authorities, including the National Cyber Security Centre (NCSC) and the Information Commissioner's Office (ICO).
While M&S has confirmed the cybersecurity incident and taken steps to mitigate its impact, specific details regarding the nature of the attack and potential compromise of customer data remain unclear. The company has been tight-lipped on divulging extra information, however it has mentioned it is coordinating with relevant agencies such as the NCSC. The retailer said that if the situation changes an update will be provided as appropriate. Marks & Spencer claims to serve 32 million customers every year.
References :
M&S said that despite the ongoing cyber incident, its stores remain open, and its website and app are operating normally. It is working diligently to resolve technical issues and address delays affecting customer orders. In response to customer queries on social media platforms like X, Marks & Spencer acknowledged working to resolve technical issues in its stores. The company is also collaborating with external cybersecurity experts to investigate the incident and has notified data protection authorities, including the National Cyber Security Centre (NCSC) and the Information Commissioner's Office (ICO).
While M&S has confirmed the cybersecurity incident and taken steps to mitigate its impact, specific details regarding the nature of the attack and potential compromise of customer data remain unclear. The company has been tight-lipped on divulging extra information, however it has mentioned it is coordinating with relevant agencies such as the NCSC. The retailer said that if the situation changes an update will be provided as appropriate. Marks & Spencer claims to serve 32 million customers every year.
Share:
References :
- CyberInsider: Marks & Spencer (M&S) has confirmed it is responding to a cybersecurity incident that has caused disruptions across its UK retail operations, including outages in payment systems and delays in store services such as order pick-ups and click-and-collect.
- techcrunch.com: Marks & Spencer has confirmed a cyber incident, as customers report disruption and outages. The U.K.-headquartered retail giant said it made operational changes to "protect" the business, and has notified data protection authorities.
- www.itpro.com: Retail giant Marks & Spencer (M&S) has revealed it has been dealing with a "cyber incident" in recent days and apologized to customers amid disruption complaints.
- The Register - Security: Marks & Spencer has been managing a "cyber incident" for "the past few days".
Classification:
- HashTags: #Cybersecurity #RetailSecurity #Cyberattack
- Company: Marks & Spencer
- Target: Marks & Spencer Online Services
- Attacker: APT29
- Product: Online services
- Feature: payment systems
- Type: Hack
- Severity: Medium