- M&S has suffered a cyber attack that affected click and collect systems
- Stores were not affected, with the exception of certain deactivated contactless payment systems
- It is not yet clear if customer data is affected
Marks and Spencer (M&S) has suffered a “cyber-incident” that has affected stores in recent days, which has led to “small changes” to store operations to protect customers “and the business”.
The retailer confirmed that click and collect services were affected by the resulting technical problems, and certain stores could not process contactless payments. It is not yet clear if this incident has led to customer or employee data being compromised, or if it was a ransomware attack, but customers should make sure to change their passwords and be on the lookout for suspicious activity just in case.
The retail giant apologized for any inconvenience and says it is working with “the best experts” to manage the incident. Here is what we know so far.
Business as usual
In a note to customers, the chief executive of M&S, Stuart Machin, apologized, confirming that stores remain open and that the retailer's website and app are operating as usual.
“It is not necessary to take any action at the moment, and if the situation changes, we will let you know. There may be limited delays to your click and collect order, which we are working hard to resolve,” writes Machin.
The retail industry is a frequent target for cyber attacks, since retailers often hold personally identifiable information such as customer names, email addresses and shipping addresses. Criminals who take control of systems can cost retail companies millions in downtime, which gives them serious leverage in ransomware incidents.
M&S confirmed to TechRadar Pro that all contactless payments are now back online in all stores, and that it has seen “the positive comments of customers thanking us for our transparency and for the support of store colleagues”.
In 2024, a supply chain attack struck some of the largest grocery stores in the United Kingdom, Morrisons and Sainsbury’s, as well as the coffee chain Starbucks, taking systems offline in a ransomware attack that saw more than 680 GB of data stolen.
For people affected
Marks and Spencer has not confirmed the nature of this incident. So far, no cybercrime group has claimed responsibility for it, and no customer data has been published online.
That being said, customers would be wise to take a few measures in the coming days just to be on the safe side and to get ahead of any repercussions if their information has been affected.
In an incident like this, where it is not clear what data, if any, has been affected, the first thing to do is to change your password, and the password on any other sites that use the same login details. We have put together a guide on how to create a secure password to make sure you are as safe as possible.
The next step, and probably the most important, is to remain vigilant. With your name and your email address, a criminal can launch sophisticated social engineering attacks, aimed at encouraging you to hand over more information or inadvertently download malware.
Make sure you check unexpected communications and the email addresses they come from, in particular by cross-referencing them against the sender's legitimate email addresses (these can be found on Google).
Beware particularly of any email that asks you to enter information, click on a link or scan a QR code. Phishing attacks using QR codes are becoming more common and are more dangerous than ever, so make sure everything you scan is checked beforehand.
If a criminal sends you an email, there will most likely be signs. The first is the sender's email address: if it is G00ggle or M1Crosoft instead of the legitimate address, simply delete the email. If you get an unexpected text, email or phone call from anyone claiming to be a “friend”, from a number or address that you do not recognize, in particular one that asks you to log in, send money or buy a gift card, be very suspicious.