British retailer Marks & Spencer (M&S) has confirmed a significant cyber attack that resulted in the theft of customer data, disrupting its online operations for over three weeks. The breach, which began over the Easter weekend, forced M&S to halt online orders on April 25, causing widespread service disruptions and financial losses.
The stolen data includes customer contact details, dates of birth, home addresses, phone numbers, email addresses, and online order history. However, M&S has assured that payment details and account passwords were not compromised. In response, the company is urging customers to reset their passwords and remain vigilant against potential phishing attempts.
M&S is working closely with cybersecurity experts, law enforcement, and government agencies to mitigate the impact of the attack. While the company has not disclosed the exact nature of the breach, it is suspected to be ransomware-related, where hackers encrypt company data and demand payment for its release.
As businesses increasingly rely on digital platforms, cybersecurity resilience has become a critical priority. Organizations must invest in robust security measures, proactive threat detection, and employee awareness to safeguard sensitive data and maintain customer trust.
Get in touch
