A major cyber-attack that began over the Easter
weekend on Marks
& Spencer (M&S) online services and the company has
revealed it will online services will remain disrupted until July. What happened? The
attack is a ransomware incident, which left some M&S shelves empty, halted online
orders, and disrupted recruitment efforts. Some customer data was also stolen,
though the company maintains that usable payment details and passwords were not
compromised. However, the
attackers accessed: Names, Addresses, Phone numbers, Email addresses, Dates of birth and online order histories of its customers. M&S has been prompting customers to reset passwords for added security and customers should be alert to watch out for scam emails, texts, or calls
pretending to be from M&S. Job recruitment has also been affected, with all
online vacancies removed and a message displayed saying the site will return
soon.
How was M&S attacked?
M&S confirmed that the
hackers gained access through social engineering – a tactic
where cybercriminals trick someone into handing over credentials. In this case,
access was gained via a third-party vendor. The
attack is projected to cost M&S around £300 million in lost profits for the
current financial year.
Given that around a third of
the company’s clothing and home sales come from its website, and customers
typically spend £3.8 million daily online, the disruption comes at a critical
time particularly as warmer weather boosts demand
for summer fashion.
Secure
Your Business Before It’s Too Late
The M&S cyber attack is a
stark reminder that no organization is immune to digital threats. If your
business handles customer data or operates online, proactive protection is no
longer optional.
Pyralink’s
Essential Cybersecurity Toolkit offers
a comprehensive line of defense against modern attacks—including ransomware,
social engineering, and third-party exploits. With tools for real-time threat
detection, secure access controls, and automated incident response, Pyralink
helps you stay one step ahead.
🔒 Don’t wait for a breach to take action.
Invest in Pyralink today and safeguard your systems, your customers, and
your future.
