The chairman of U.Ok. retail big Marks & Spencer declined to inform a panel of lawmakers whether or not the corporate paid a hacking group following a ransomware assault earlier this 12 months.
“We’ve mentioned that we aren’t discussing any of the small print of our interplay with the risk actor,” mentioned chairman Archie Norman, referring to the ransom cost. “We don’t suppose it’s within the public curiosity to enter that topic partly as a result of it’s a matter of legislation enforcement.”
Norman mentioned that “no one” at Marks & Spencer interacted instantly with the cybercriminals, which he attributed to the ransomware gang DragonForce.
In Might, Marks & Spencer disclosed that hackers had stolen an unspecified quantity of buyer information, together with names, dates of beginning, house and electronic mail addresses, cellphone numbers, family info, and on-line order histories. The breach additionally disrupted operations for weeks, leaving cabinets empty, and clients unable to order on-line.
Norman instructed lawmakers that the corporate continues to be coping with restoration efforts and can proceed to take action till October or November.
