According to recent reports, Marks & Spencer has confirmed that personal customer data was stolen in a cyber attack, with potentially compromised information including contact details and dates of birth. Furthermore, the retailer disclosed that the data breach may extend to online order histories, yet assured customers that no usable payment or card details were taken, nor any account passwords. Following the cyber attack three weeks ago, M&S continues to face challenges in restoring services to their normal operations, with online orders still on hold.
In a statement, M&S CEO Stuart Machin addressed the situation by acknowledging that “unfortunately, some personal customer information has been taken,” and emphasized that there is no evidence suggesting that the stolen data has been shared. The company is taking proactive measures by prompting customers to reset their account passwords as an additional security measure. Additionally, M&S operations director Jayne Wall advised customers to exercise caution when receiving unsolicited emails, calls, or texts purporting to be from M&S, reminding them that the company never requests personal account information or passwords.
With regards to the specifics of the stolen data, M&S confirmed that the compromised contact information includes details such as name, date of birth, telephone number, home address, household information, email address, and online order history. While the retailer clarified that any card information obtained would not be usable due to the absence of complete payment details in its systems, concerns regarding the cyber attack remain elevated. The attack, attributed to the same group that targeted other prominent retailers like Co-op and Harrods, employed the DragonForce cyber crime service and utilized a double extortion method to demand ransom for unscrambling and deleting the stolen data.
Industry experts like Catherine Shuttleworth, a retail analyst from Savvy Marketing, expressed concerns about the impact of the data breach on M&S, noting that customers would require significant reassurance regarding the compromised data. Despite the cyber attack posing challenges for the renowned retailer, M&S customers have shown support, emphasizing the need for transparent communication and security measures to uphold the brand’s reputation and reassure shoppers about the protection of their personal information
Read the full article from The BBC here: Read More
