- TCS says that none of its systems or users have been affected in brands and the Spencer attack
- M&S was affected by a major cyber attack earlier in 2025
- TCS has promised an investigation, but has offered little information so far
The third party supplier that many blamed for the main cyber attack against Marks and Spencer (M&S) revealed his first conclusions of an internal investigation into his role in the incident.
Tata Consultancy Services (TCS) said that none of its “systems or users had been compromised” as part of the cyber attack.
“As no TCS system or user has been compromised, none of our other customers have been affected” “Keki Mistry, independent director, told his annual shareholders’ meeting, PK Press Club Reports.
TCS role and investigation
M&S was apparently struck by the attack on April 22, revealing the news of the incident several days later.
Following an initial probe, the experts proposed that the attackers were able to penetrate their systems by compromising the workers of TCS, which provided third -party services to M&S for more than a decade on Sparks, the retailer’s reward system.
In 2023, TCS would also have obtained a $ 1 billion contract to modernize the technology inherited from M&S through its supply chain and its omnichannel sales, aimed at stimulating online sales.
TCS, part of the massive conglomerate of the Tata group, would have carried out a complete investigation, but remained silent until this unexpected (and brief) mention.
M&S planned that the attack could cost him around 300 million pounds of the operating profits lost during his exercise.
It was recently revealed that the pirates contacted the CEO of M&S Stuart Machin in a mocking email the day after the attack, requesting payment of the attack.
This email was sent by the collective dragonforce hacking, which makes such attacks in exchange for payment or reward of other parties in exchange for a reduction in any price of ransom.
M&S did not confirm if he had paid a ransom to the hackers, but admitted that certain customer data had been stolen in the attack. This did not include any password or card card or payment card, but house addresses, phone numbers and birth dates may have been assigned.
Anyone about their data may have been taken, we recommend that you use a dark web surveillance service or use a violation instructor, as I was PWAD to check the potential exhibitions.
TCS has not yet responded to a request for PK Press Club pro comments.
