Feature

Outsourcing Giant TCS Under Scrutiny After Cyberattacks on M&S and Jaguar Land Rover

India’s Tata Consultancy Services (TCS), one of the world’s largest IT outsourcing firms, is facing mounting questions over whether its helpdesk operations have been exploited as an entry point for the cyberattacks that crippled Marks & Spencer (M&S) and Jaguar Land Rover (JLR) earlier this year.

The attacks, attributed to a hacking group known as Scattered Spider and its affiliates, have shaken confidence in the resilience of major British companies and highlighted the risks of relying heavily on outsourced IT services.

How the Attacks Unfolded

In April, M&S was hit by a devastating cyberattack that forced it to halt online sales, with losses estimated at £300 million. Hackers infiltrated the retailer’s systems and sent an ominous email from a compromised employee account to chief executive Stuart Machin: “We have mercilessly raped your company and encrypted all the servers.”

Just weeks later, JLR was forced to shut down production lines on August 31 after its systems were locked by ransomware. A group calling itself Scattered Lapsus$ Hunters — believed to be linked to Scattered Spider — claimed responsibility on Telegram.

Both companies have long outsourced significant portions of their IT operations to TCS. In JLR’s case, an £800 million contract signed in 2023 handed the Indian group much of its IT and cybersecurity work.

Helpdesks Under the Microscope

The National Cyber Security Centre (NCSC), part of GCHQ, has previously warned that IT helpdesks are a prime target for hackers. By impersonating employees, attackers can persuade staff to reset passwords or grant “super-user” access.

Cybersecurity consultant Kevin Beaumont wrote last week that “hackers were phoning helpdesks and asking for access and getting it with ease,” adding that TCS provided such services across multiple clients.

A source close to M&S claimed the breach was tied to a contact centre in India, with attackers securing elevated access through social engineering. M&S chairman Archie Norman later told MPs that “sophisticated impersonation” and third-party involvement were key to the hack.

Political and Corporate Pressure

The scrutiny has now reached Westminster. Liam Byrne, chairman of the business and trade committee, has written to TCS chief executive Krithi Krithivasan demanding details of the company’s work with M&S, JLR and the Co-op, as well as the extent of its role in the UK’s critical national infrastructure.

TCS, which employs 23,000 staff in Britain and over 600,000 worldwide, is a cornerstone of India’s £95 billion Tata Group. Despite its global reach, the company has faced criticism before: a protracted legal battle with the UK Home Office over a failed IT rebuild, and the termination of a deal with Oxford University after problems with an online testing platform.

Outsourcing Risks and Rising Costs

Experts warn that the vulnerabilities are not unique to TCS. Chris Yule, director of threat research at Sophos, said outsourced helpdesks may be particularly exposed because “their primary aim is often to please their callers and not be seen as a blocker.”

The reliance on TCS reflects a broader corporate trend toward cost-cutting via outsourcing. Yet the fallout of these breaches has prompted fresh debate over whether the savings are outweighed by security risks.

Meanwhile, TCS faces its own headwinds. Its shares have fallen 28 percent this year amid fears that AI automation will displace outsourced roles, with up to 500,000 Indian IT jobs at risk. The company has also been hit by former US president Donald Trump’s proposed $100,000 fee on H-1B visas, which TCS uses heavily to send workers abroad.

A Weak Link or an Easy Target?

TCS has insisted that none of its systems or users were compromised in the M&S hack and declined to comment further on the ongoing investigations. But with two of Britain’s most high-profile cyberattacks this year linked to companies under its remit, scrutiny of its operations is unlikely to fade.

As Jamie MacColl of the defence think tank RUSI noted, social engineering attacks remain alarmingly effective. “Calling up an IT helpdesk and saying you are an employee is considerably easier” when the hackers themselves are English-speaking teenagers posing as staff.

For Britain’s corporate giants, the question is whether reliance on global outsourcing firms has created a systemic weak spot — one that savvy hackers have already learned to exploit.

Photo Credit: DepositPhotos.com

Leave a Reply

Your email address will not be published. Required fields are marked *