- M&S is still dealing with the consequences of cyber attack that reached its digital services
- Online orders continue to pause three weeks after the trick took place
- Customer stolen data includes contact data, but there are no passwords or payment information.
Three weeks after Marks & Spencer was hit by a cyber attack, the retailer is still working to restore complete services.
Online orders remain suspended, and the company has now confirmed that some customer data were stolen during the violation. The information taken can include names, addresses, telephone numbers, birth dates and orders stories. According to the company, no account passwords or usable payment details were exposed.
The attack has had a visible impact on M&S. Its market capitalization has decreased by around 1 billion from the incident, and although purchases in the store and contactless payments have resumed, the website and the application are still out of line to order.
Continuous interruption
If you visit the site now, a message establishes: “As part of our proactive management of a cyber incident, we have made the decision to stop orders through our M&S.com websites, applications and by phone. Our range of products remains available to navigate online. We really regret this inconvenience. Our stores are open to welcome customers.”
The hackers used a known cyber crime service called Dragonforce, which provides tools for ransomware attacks. This group is associated with a method known as double extortion: steal data and also encrypt it to press the victims to pay a rescue.
M&S said he acted quickly to contain the violation, work with cybersecurity experts and notify the relevant authorities. Customers have been sent by email about the incident and are asked to restore their passwords as caution.
Until now, Dragonforce Darknet has not published any leaked M&S data, but experts point out that there is still a risk of future exposure or sale.
The retailer has not confirmed how many people were affected, although their most recent annual report listed 9.4 million active users.
Other retail retailers have also been recently attacked, including CO-OP and Harrods. According to reports, the cooperative, which experienced a similar incident, is closer to resuming online operations for its suppliers.
M&S has apologized for the interruption and calm to customers that the steps are being taken to safe systems. Despite this, it is not clear when the full -line functionality will return.
