- M&S is still faced with the spinoffs of the cyber attack that struck its digital services
- Online orders remain a break three weeks after hacking took place
- Stolen customer data include contact details but no passwords or payment information
Three weeks after Marks & Spencer was affected by a cyber attack, the retailer is still working to restore complete services.
Online orders remain suspended and the company has now confirmed that certain customer data had been stolen during the violation. The information taken may include names, addresses, telephone numbers, birth dates and control history. According to the company, no account password or the usable payment details have been exposed.
The attack had a visible impact on the M&S. Its market capitalization has dropped by around 1 billion pounds sterling from the incident, and although shopping in stores and contactless payments have taken up, the website and the application are always offline for the order.
Continuous disturbance
If you visit the site now, a message indicates: “As part of our proactive cyber-incident management, we have made the decision to take a break by taking orders via our websites, applications, applications and by phone. Our product range remains available to cover online. We are really sorry for this drawback. Our stores are open to welcome customers. ”
Pirates used a known cybercrime service called DragonForce, which provides tools for ransomware attacks. This group is associated with a method known as double extortion – flying data and also encrypting it to pressure victims to pay a ransom.
M&S said that he had acted quickly to contain the violation, work with cybersecurity experts and notify the relevant authorities. Customers were sent by email on the incident and are invited to reset their passwords per precaution.
Until now, the Darknet Dragonforce platform has not published any Data M&S disclosed, but experts note that there is still a risk of exposure or future sale.
The retailer has not confirmed the number of people affected, although his last annual report listed 9.4 million active online users.
Other British retailers have also been targeted recently, including Co-OP and Harrods. Co-op, which has experienced a similar incident, would be closer to the resumption of online operations for its suppliers.
M&M apologized for the disruptions and reassured customers that measures are taken to secure the systems. Despite this, it is not clear when the online full functionality comes back.
