Marks & Spencer Confirms Customer Data Breach as DragonForce Ransomware Wave Hits UK Retail
Marks & Spencer (M&S) has confirmed that hackers stole personal information in the cyber-attack that crippled the retailer’s systems on 22 April. The company says the data set does not include usable payment card details, but affected customers will be prompted to reset passwords when they next log in.
What Was Taken — and What Wasn’t
- Compromised: contact details, dates of birth and order history.
- Not compromised: encrypted passwords, card numbers or CVV data.
- Current status: no evidence the stolen information has surfaced online, according to M&S’s incident-response team.
Continuing Disruption
- Online clothing and home orders remain suspended almost three weeks after the attack.
- Contactless payments in stores were briefly halted; some in-store systems are still operating in fallback modes.
Who Is Behind the Attack?
Self-identified members of the DragonForce ransomware gang have claimed responsibility for infiltrating M&S, as well as recent strikes on Co-op and Harrods. The group is known for “double-extortion” tactics: exfiltrating data before encrypting servers to maximise leverage.
Financial Fallout
- M&S shares dipped to a six-week low after the breach but have since clawed back about 1 percent amid assurances that payment data is safe.
- Analysts estimate lost revenue and remediation costs could exceed £60 million, although the retailer’s cyber-insurance policy may cover much of the hit.
Next Steps for Customers
- Watch for the reset prompt: change your M&S password and avoid re-using old credentials.
- Stay alert to phishing: scammers may exploit the news to impersonate the retailer.
- Monitor accounts: check loyalty-point balances and address details for unauthorised changes.
Industry-Wide Impact
Security researchers say DragonForce’s retail campaign highlights the sector’s vulnerability to supply-chain intrusions and legacy IT dependencies, issues compounded by the push toward omni-channel shopping. Cyber-insurance premiums for UK merchants are expected to rise as underwriters reassess retail risk profiles.
M&S continues to work with law-enforcement agencies and external cyber-security specialists to restore full service and trace the stolen data. A timetable for reopening its e-commerce platform has not yet been announced.