M&S Confirms Customer Data Breach After Cyber Attack


British retail giant Marks and Spencer (M&S) has confirmed that some personal customer information was compromised during the cyber attack that has severely disrupted its online operations for over three weeks.

The retailer, a household name in the UK, halted online orders on April 25th, and its stock price has dropped 15% since the initial order issues around the Easter weekend. While M&S has not explicitly confirmed the nature of the attack, widespread reports suggest it was a ransomware incident, where malicious actors encrypt a company’s systems and demand a ransom for their release.

In a statement released on Tuesday, M&S acknowledged that “some personal customer information” had been accessed, attributing the breach to the “sophisticated nature” of the attack. The company assured customers that it would directly inform those affected.

Crucially, M&S emphasized that “the data does not include useable payment or card details, which we do not hold on our systems, and it does not include any account passwords.” Furthermore, they stated that “there is no evidence that this data has been shared.”

Advising customers that no immediate action is required, M&S stated that efforts to restore normal operations are ongoing. The company also mentioned that it has implemented measures to safeguard its systems and is collaborating with cybersecurity experts, law enforcement, and government bodies.

M&S has refrained from specifying the financial repercussions of the attack, which are mounting daily as the retailer misses out on sales, particularly from its new spring/summer collections during the current warm weather in the UK. Approximately one-third of M&S’s clothing and home sales are generated online.

Earlier this month, analysts at Deutsche Bank estimated the profit impact to be at least £30 million, with a weekly ongoing cost of around £15 million. While cyber insurance is expected to cover a significant portion of these losses, such coverage typically has time limitations.

Interesting Fact

Did you know that the first documented ransomware attack occurred in 1989? Known as the “AIDS Trojan” or “PC Cyborg”, it was distributed via floppy disks and encrypted files on victims’ computers, demanding a $189 ransom to unlock them. While rudimentary compared to today’s sophisticated attacks, it marked the beginning of a significant cybersecurity threat.