CyberSecurity news
Jessica Lyons@theregister.com
Marks & Spencer (M&S) has confirmed that customer data was stolen during a recent cyberattack, with the ransomware group DragonForce claiming responsibility. The retail giant has initiated a mandatory password reset for all customers as a precautionary measure following the breach. The attack, which has shaken the UK retail sector, also affected other major retailers including the Co-operative Group (Co-op) and Harrods.
The stolen data includes customer names, dates of birth, home and email addresses, phone numbers, household information, and online order histories. However, M&S assures customers that the compromised information does not include usable card or payment details, or account passwords. The company is working with external experts to secure its systems and has reported the incident to the relevant government authorities and law enforcement agencies. Initial reports linked Scattered Spider to the attack, but it has now been claimed that DragonForce is responsible.
DragonForce, a relatively new Ransomware-as-a-Service (RaaS) group, has emerged as a significant threat, initially framing itself as a pro-Palestinian hacktivist collective before shifting to profit-driven operations. They operate by leasing their ransomware to affiliates, who then carry out the attacks, with the developers taking a cut of the ransom payments. DragonForce has been targeting high-profile UK retailers, deploying ransomware to encrypt networks, disrupt online orders and payment systems, and threaten the public release of stolen data.
References:
- bsky.app: The inevitable has happened then. M&S now admits that customer data was stolen as part of the ransomware attack. The cyber world had been waiting (a long time) to hear this from the supermarket giant as DragonForce hackers are known to use double extortion method.
- CyberInsider: Marks & Spencer Confirms Customer Data Theft in April Cyberattack
- securityaffairs.com: Marks and Spencer confirms data breach after April cyber attack
- techcrunch.com: Marks & Spencer confirms customers’ personal data was stolen in hack
- ComputerWeekly.com: M&S forces customer password resets after data breach
- slcyber.io: DragonForce Claims Responsibility for Series of Attacks on UK Retailers
- www.itpro.com: The retailer confirmed hackers accessed customer data – but not payment information or passwords
- cyberinsider.com: Marks & Spencer (M&S) has confirmed that personal customer data was stolen during the cyberattack that disrupted its retail operations last month, escalating a previously opaque incident into a confirmed data breach.
- The Register - Security: Marks & Spencer admits cybercrooks made off with customer info
- ComputerWeekly.com: M&S is instructing all its customers to change their account passwords after a significant amount of data was stolen in a DragonForce ransomware attack.
- www.cysecurity.news: Marks & Spencer is facing prolonged disruption after falling victim to a large-scale cyberattack. Experts warn that restoring normal operations could take months, highlighting a growing trend of sophisticated breaches targeting major retailers. This incident follows a wave of cyber intrusions, including those at Co-op and Harrods, allegedly orchestrated by the same hacking collective — Scattered Spider.
- Tech News | Euronews RSS: M&S warned that there could be security risks as a result of stolen data. Here’s what you should do to protect yourself from future scams.
- The Register - Security: Here's what we know about the DragonForce ransomware that hit Marks & Spencer
- techxplore.com: Customer data stolen in Marks & Spencer cyberattack
- techhq.com: Hackers behind M&S breach may target US next. Google warns US retailers may be next in line for ransomware attacks. A cyberattack that hit UK retailer Marks & Spencer is raising alarms in the US
- BleepingComputer: Bleeping Computer reports M&S data stolen
- Cybersecurity Blog: UK Retailers Cyber Attack Saga; Is USA next for Scattered Spider?
- www.itpro.com: The British retailer has confirmed the theft of customer data in the cyberattack.
Classification:
- HashTags: #Ransomware #DataBreach #MarksandSpencer
- Company: M&S
- Target: Marks & Spencer Customers
- Attacker: Ransomware Gang
- Product: Retail
- Feature: Password Reset
- Malware: DragonForce
- Type: DataBreach
- Severity: Major