U.Ok. retail big Marks & Spencer has confirmed hackers stole its clients’ private data throughout a cyberattack final month.
In a short assertion with London’s inventory change on Tuesday, the retailer stated an unspecified quantity of buyer data was taken within the data breach. The BBC, which first reported the corporate’s submitting, cited a Marks & Spencer on-line letter as saying that the stolen information contains buyer names, dates of delivery, house and e-mail addresses, cellphone numbers, family data and on-line order histories.
The corporate additionally stated it was resetting the web account passwords of its clients.
Marks & Spencer continues to expertise disruption and outages throughout its shops, with some grocery cabinets remaining empty after the hack affected the corporate’s operations. The corporate’s on-line ordering system for purchasers additionally stays offline.
It’s not clear what number of people’ information was stolen through the hack. When reached by information.killnetswitch, Marks & Spencer spokesperson Alicia Sanctuary wouldn’t say what number of people are affected and referred information.killnetswitch to its on-line assertion. Marks & Spencer had 9.4 million on-line clients as of 30 March 2024, per its most up-to-date annual report.
A ransomware and extortion gang known as DragonForce reportedly took credit score for the cyberattacks on a number of U.Ok. retail giants, together with Marks & Spencer, per media reviews.
U.Ok. retailers the Co-op and Harrods have been additionally focused by hackers at across the identical time as Marks & Spencer was hacked. The Co-op initially stated there was no proof that information was compromised, however later stated the hackers had stolen buyer information. In an replace to its web site, the Co-op stated buyer names, dates of delivery, house and e-mail addresses, and cellphone numbers have been exfiltrated.
The BBC reported final week that DragonForce claimed it had the personal data of 20 million individuals who signed as much as Co-op’s membership program, together with present and former members.
The U.Ok. Nationwide Cyber Safety Centre stated final week that it was “working with the victims and regulation enforcement colleagues” to know extra in regards to the hacks.
