Marks & Spencer (M&S), the UK retail giant that suffered a cyber attack late last month, may have an even slower recovery than expected, with the company now announcing that disrupted services are set to extend until July.
M&S was one of three UK retailers that suffered a cyber attack in April and early May, alongside Co-op and Harrods. While Co-op has begun a swift recovery, with operations returning to normal thanks to quick action that prevented ransomware from taking hold, M&S’ systems are still down, with click & collect and all online sales mostly still offline.
Now, in an update, M&S has said that while online ordering will partially return, disruptions will continue through June and July.
"Customers will be able to shop online within the next few weeks with momentum increasing throughout June/July," said CEO Stuart Machin.
"Over the last few weeks, we have been managing a highly sophisticated and targeted cyber-attack, which has led to a limited period of disruption," he added in another statement.
"This incident is a bump in the road, and we will come out of this in better shape, and continue our plan to reshape M&S for customers, colleagues and shareholders."
The disruptions are costing M&S hundreds of millions in revenue, with reports that the company is facing a loss of £300 million (just over AU$625 million). Previous reports suggested that the company is losing £43 million every week.
M&S has also identified that the threat actors did not breach M&S systems but those of one of its third-party vendors.
CEO Stuart Machin said the threat actors, believed to be either the DragonForce ransomware group or the Scattered Spider hacking collective using DragonForce ransomware, resorted to phishing attacks on the staff of a third-party vendor to gain their login credentials and take over accounts.
“Unable to get into our systems by breaking through our digital defences, the attackers did try another route, resorting to social engineering and entering through a third party rather than a system weakness,” Machin told media this week.
“Once access was gained, they used highly sophisticated techniques as part of the attack.”
While Machin did not identify the third-party vendor, sources speaking with Reuters have suggested that the company is Tata Consultancy Services (TCS), a company that provides organisations with solutions to aid in their digital transformation process.
The sources claimed that “at least two TCS employees’ M&S logins were used as part of the breach”.