U.Okay. retail large Marks & Spencer has confirmed hackers stole its clients’ private info throughout a cyberattack final month.
In a quick assertion with London’s inventory trade on Tuesday, the retailer stated an unspecified quantity of buyer info was taken within the knowledge breach. The BBC, which first reported the corporate’s submitting, cited a Marks & Spencer on-line letter as saying that the stolen knowledge contains buyer names, dates of start, house and electronic mail addresses, telephone numbers, family info and on-line order histories.
The corporate additionally stated it was resetting the web account passwords of its clients.
Marks & Spencer continues to expertise disruption and outages throughout its shops, with some grocery cabinets remaining empty after the hack affected the corporate’s operations. The corporate’s on-line ordering system for purchasers additionally stays offline.
It’s not clear what number of people’ knowledge was stolen throughout the hack. When reached by TechCrunch, Marks & Spencer spokesperson Alicia Sanctuary wouldn’t say what number of people are affected and referred TechCrunch to its on-line assertion. Marks & Spencer had 9.4 million on-line clients as of 30 March 2024, per its most up-to-date annual report.
A ransomware and extortion gang known as DragonForce reportedly took credit score for the cyberattacks on a number of U.Okay. retail giants, together with Marks & Spencer, per media studies.
U.Okay. retailers the Co-op and Harrods had been additionally focused by hackers at across the identical time as Marks & Spencer was hacked. The Co-op initially stated there was no proof that knowledge was compromised, however later stated the hackers had stolen buyer knowledge. In an replace to its web site, the Co-op stated buyer names, dates of start, house and electronic mail addresses, and telephone numbers had been exfiltrated.
The BBC reported final week that DragonForce claimed it had the non-public info of 20 million individuals who signed as much as Co-op’s membership program, together with present and former members.
The U.Okay. Nationwide Cyber Safety Centre stated final week that it was “working with the victims and regulation enforcement colleagues” to know extra concerning the hacks.
