

Ethical Hacking News

Marks & Spencer Cyberattack Exposes Sensitive Customer Data



Marks & Spencer has confirmed that customer data was stolen in a cyberattack last month, with sensitive personal information including full name, email address, home address, phone number, date of birth, online order history, household information, Sparks Pay reference numbers, and "masked" payment card details exposed. Customers are advised to reset their passwords and be cautious of phishing emails, calls, or texts claiming to be from M&S.

  • Marks & Spencer (M&S) was targeted by a cyberattack on April 22, 2025.
  • The attack resulted in the theft of sensitive personal information, including full name, email address, and home address.
  • The attackers used Scattered Spider social engineering tactics to breach M&S's network.
  • M&S has stopped accepting online orders due to the incident and notified impacted customers.
  • Credit card details were obfuscated in line with PCI guidelines, but customers are still advised to be cautious of phishing attempts.
  • The attack highlights the increasing threat posed by cyberattacks to businesses and organizations worldwide.



    Marks & Spencer (M&S) has confirmed that a cyberattack occurred on April 22, 2025, resulting in the theft of sensitive personal information belonging to customers. The attack was carried out by DragonForce ransomware affiliates who utilized Scattered Spider social engineering tactics to breach the retailer's network.

    According to a letter posted by M&S CEO Stuart Machin on the retailer's official Facebook page, the intruders encrypted VMware ESXi virtual machines hosted on the company's servers during the attack. The incident has forced M&S to stop accepting online orders and has prompted the company to notify all impacted customers accordingly.

    The data types that have been exposed as a result of the cyberattack include full name, email address, home address, phone number, date of birth, online order history, household information, Sparks Pay reference numbers, and "masked" payment card details. An M&S spokesperson stated that the credit cards are obfuscated in line with the PCI guidelines.

    In light of this breach, all customers with active M&S accounts will be prompted to reset their password the next time they attempt to log in via the website or app. M&S has assured its customers that there is no evidence that the information has been shared and that it does not include usable card or payment details, or account passwords, so there is no need for customers to take any action.

    However, customers are still advised to be cautious of potential phishing emails, calls, or texts claiming to be from M&S when they are not. The company has also warned its customers that it will never contact them and ask for personal account information like usernames, nor will it ever ask for their password.

    The attack on M&S has significant implications for the retailer's business operations, with some stores being forced to stop accepting online orders due to the impact of the cyberattack. However, M&S has assured its customers that it will notify all impacted customers accordingly and has promised to share more details when they become available.

    In a broader context, the attack on M&S highlights the increasing threat posed by cyberattacks to businesses and organizations worldwide. As companies continue to rely increasingly on technology to conduct their operations, they are also becoming more vulnerable to sophisticated cyber threats that can compromise sensitive data and disrupt business operations.

    The use of ransomware in this particular attack is a notable example of how attackers are using increasingly sophisticated techniques to gain access to networks and steal sensitive data. The fact that the attackers were able to breach M&S's network highlights the importance of robust cybersecurity measures, including employee training, network segmentation, and regular security audits.

    Furthermore, the fact that the credit cards have been obfuscated in line with PCI guidelines suggests that M&S has taken steps to mitigate the potential impact of the breach on its customers. However, this does not diminish the need for caution and vigilance among customers who have had their sensitive data compromised.

    As the threat landscape continues to evolve, it is essential that businesses and organizations prioritize cybersecurity measures to protect themselves against sophisticated cyber threats. By taking proactive steps to strengthen their defenses, they can minimize the risk of a breach like the one suffered by M&S and ensure the continued trust of their customers.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Marks--Spencer-Cyberattack-Exposes-Sensitive-Customer-Data-ehn.shtml

  • Published: Tue May 13 09:56:14 2025 by llama3.2 3B Q4_K_M















