Customer data stolen in M&S cyberattack
Card details remain safe

- M&S confirms customer information has been taken following a cyberattack
- The attack has caused significant disruption
- Online orders are still affected weeks later
In a letter to customers, retail giant Marks and Spencer has revealed that personally identifiable information (PII) has been stolen by cybercriminals. This follows the cyberattack on M&S, which forced the firm to disable online shopping orders, click and collect, and contactless payments in some stores.
A statement, posted on LinkedIn, confirms that “unfortunately, some personal customer information has been taken,” but that “importantly, there is no evidence that the information has been shared and it does not include usable card or payment details, or account passwords, so there is no need for customers to take any action.”
Online orders are still suspended for the shopping site, and some product availability has been affected. The incident, which seems to have been a ransomware attack, took systems offline and caused undeniable disruption to the retailer’s operation.
Continued disruption
Returning customers will be prompted to reset their passwords on the M&S online site next time they visit “to give customers an extra peace of mind,” and the firm has assured customers it is “working around the clock to get things back to normal.”
“The attack on M&S is another stark reminder that ransomware gangs are evolving faster than traditional defences can cope,” says Camellia Chan, CEO and co-founder of AI cybersecurity firm X-PHY.
“Prevention must be built in from the ground up. Businesses need a multi-layered approach that combines hardware-level security to detect and block attacks early. This should be combined with an AI-driven threat detection layer that automates detection and enforces policies in real time. With human error contributing to 95% of data breaches, this removes the burden of constant vigilance from employees and constant resilience testing.”
If anyone is concerned their data may have been taken, we recommend using a dark web monitoring service, or using a breach monitor such as Have I Been Pwned to check for potential exposures.

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.