- Marks and the CEO of Spencer received communication from a rescue gang
- This follows a devastating attack in early 2025
- Email confirms a link between M&S and CO-OP attacks
Marks and Spencer were among the British retailers who suffered from devastating cyber attacks in early 2025, with services and stores that face the interruption, as well as the online orders that were suspended.
In the midst of all this, the CEO reports of the BBC Claims Company, Stuart Machin, were personally sent electronic emails by the attackers who incite it and invite you to start negotiating the rescue rate.
“We have launched the roads from China to the United Kingdom and have violated their company merciless and encrypted all servers,” the computer pirates wrote. “The dragon wants to talk to you, so please tell yourself to [our darknet website]”
“Let’s start the party”
The group, which is called “Dragonforce”, also attributed the responsibility of the cooperative attack, which came a similar moment, which makes this email the first official link between the two incidents.
Little is known until now about the group itself, but emails confirm that this was a ransomware attack, something that has so far refused to comment.
It was sent through an employee of Tata Consultancy Services (TCS) based in London, and it seems that this employee was also pirate as part of the broader attack, and the Indian IT service is investigating whether it was the origin for the M&S cybeatck.
The email indicated a knowledge of the company’s cyber insurance, mocking the company; “We know that we can both help each other :))”. The email also contained a link to begin rescue negotiations; “Let’s make the party begin. Send us a message, we will do it quickly and easy for us.”
We communicate with Marks and Spencer to comment, which he rejected, offering the following;
“We cannot comment on the details or speculation about the cyber incident, and we have been advised not to do it.”
