Recommended reading

Mystery of M&S hack deepens as TCS claims none of its systems were compromised

News
By published

TCS says none of its users were impacted

Marks and Spencer store UK
(Image credit: Shutterstock.com / WD Stock Photos)
  • TCS says none of its systems or users were affected in Marks and Spencer attack
  • M&S was hit by a major cyberattack earlier in 2025
  • TCS vowed an investigation, but has offered little information so far

The third-party supplier many have blamed for the major cyberattack against Marks and Spencer (M&S) has revealed its first findings of an internal investigation into its role in the incident.

Tata Consultancy Services (TCS) has said none of its "systems or users were compromised" as part of the cyberattack.

"As no TCS systems or users were compromised, none of our other customers are impacted" independent director Keki Mistry told its annual shareholder meeting, Reuters reports.

Save up to 68% on identity theft protection for TechRadar readers!

Save up to 68% on identity theft protection for TechRadar readers!

TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.

Preferred partner (What does this mean?)

View Deal

TCS role and investigation

M&S was apparently hit by the attack on April 22, revealing news of the incident several days later.

Following an initial probe, experts proposed that the attackers were able to break into its systems by compromising workers at TCS, which has provided third-party services to M&S for over a decade on Sparks, the retailer's customer reward scheme.

In 2023, TCS also reportedly secured a $1 billion contract to modernize M&S' legacy technology across its supply chain and omni-channel sales, aiming to boost online sales.

TCS, part of the massive Tata Group conglomerate, was reported to be carrying out a full investigation, but has remained quiet until this unexpected (and brief) mention.

M&S has forecast the attack could cost it around £300 million in lost operating profit in its financial year.

It was recently revealed the hackers contacted M&S CEO Stuart Machin in a mocking email the day after the attack, demanding payment for the attack.

This email was sent from the DragonForce hacking collective, which carries out such attacks in return for payment or reward from other parties in exchange for a cut of any ransom payments.

M&S has not confirmed whether it has paid a ransom to the hackers, but did admit some customer data was stolen in the attack. This did not include any passwords or card or payment details, but home addressess, phone numbers and dates of birth may have been affected.

Anyone concerned their data may have been taken, we recommend using a dark web monitoring service, or using a breach monitor such as Have I Been Pwned to check for potential exposures.

TCS has not yet responded to a TechRadar Pro request for comment.

You might also like

Mike Moore
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.