M&S Hackers Believed to Have Gained Access Through Third Party

The hackers behind a devastating cyber-attack on Marks & Spencer (M&S) are believed to have gained entry through a third party who had access to the retailer's systems, according to sources close to the matter. The attack, which occurred in April, has left M&S struggling to get services back to normal, with online orders paused for over three weeks.

The cyber-attack has caused millions of pounds of lost sales for M&S and has been described as "devastating" by bank analysts. According to estimates, the retailer has lost more than £40m in sales every week since the incident began over the Easter bank holiday weekend. Some stores were left with empty food shelves after the firm had to take some food-related systems offline.

M&S will announce its annual results on Wednesday, but the focus will all be on the devastating attack and its financial impact. The retailer's decision to pause online orders has also had a significant impact on its sales, with many customers left frustrated by the lack of availability.

The Attack: A Timeline

Here is a summary of what happened during the cyber-attack:

  • Date: April (exact date not specified)
  • Description: M&S hackers managed to gain entry through a third party who had access to its systems.
  • Impact: Online orders paused for over three weeks, millions of pounds of lost sales, and some stores left with empty food shelves.

The Aftermath: What We Know So Far

M&S has told the BBC that it decided to close down many of its IT operations following the attack as a precautionary measure. The retailer effectively locked itself out of its core systems, grappling to deal with the attack.

The biggest challenge is getting its online system fully operational again, which accounts for around a third of its clothing and homeware sales. M&S has stated that customer data was stolen in the cyber-attack, which could include names, date of birth, phone numbers, home addresses, email addresses, household information, and online order histories.

However, the retailer added that any card information taken would not be useable as it does not hold full card payment details on its systems. The Co-op, another retailer targeted by the hackers, has also announced that customer data was compromised in the attack.

The Hackers: Who Are They?

The hackers behind the cyber-attack have been identified as "DragonForce", a group who previously told the BBC they were responsible for hacking the Co-op and attempting to hack Harrods. The group's motives remain unclear, but their actions have caused significant disruption to both M&S and the Co-op.

The Road to Recovery

M&S has assured customers that its stores are now operating normally, with availability restored to a normal level. However, the retailer's online system remains offline, and it is unclear when customers will be able to place orders again.