M&S Hack May Have Been Caused by Security Issues at Indian IT Giant Tata Consultancy Services

Indian IT company Tata Consultancy Services (TCS), part of the massive Tata Group conglomerate, is currently investigating whether a recent cyberattack on Marks & Spencer (M&S) originated from its infrastructure. The alleged link between TCS and the M&S hack has raised concerns about the security of the Indian IT giant's systems.

In late April 2025, M&S confirmed suffering a "cyber incident" which affected its stores and resulted in changes to store operations. Later reports revealed that the company had to take some of its systems and processes offline, disable contactless and Click and Collect services in stores, halt online orders, and suffer a significant impact on its market capitalization.

The disruption persisted for weeks, with customer data allegedly being stolen by the attackers. The incident was later confirmed to be a ransomware attack, with M&S paying an undisclosed amount to regain control of its systems.

The Role of TCS in the Investigation

TCS has been servicing M&S for over a decade and is now under investigation for potential security breaches that may have contributed to the M&S hack. The company's alleged connection to the attack raises questions about the security of its infrastructure and systems.

The investigation, which is expected to be completed before June 2025, aims to determine whether TCS was the stepping stone to the attack or if other factors were involved. Both parties are currently keeping a low profile, but the investigation will shed light on the potential weaknesses in TCS's security measures.

The Ransomware Organization Behind the Attack

The M&S hack is attributed to the Scattered Spider group, a ransomware organization that targets UK retailers, financial institutions, technology firms, and entertainment/gambling organizations. The group operates within the larger hacking community known as "the Com" and engages in various attacks, including social engineering and SIM swapping.

Roughly two years ago, Hive Ransomware struck Tata Power, India's largest integrated power company, and early this year, Tata Technologies, a global engineering services provider, was also attacked. The Scattered Spider group is not as tightly-knit as other ransomware organizations like LockBit or Cl0p.

The Consequences of the Attack

The M&S hack had significant consequences for the company, including a drop in market capitalization of £1 billion and disruptions to its operations. The incident highlights the importance of robust cybersecurity measures and the need for companies to prioritize their security protocols.

Keeper Personal, Keeper Family, and Keeper Business are cybersecurity platforms that can help individuals, families, and businesses protect against cyber threats. With features like zero-knowledge encryption, two-factor authentication, dark web monitoring, secure file storage, and breach alerts, these platforms provide a solid foundation for securing sensitive data.

Conclusion

The investigation into the M&S hack and its potential link to TCS is ongoing, with the company expected to complete its findings before June 2025. As the cybersecurity landscape continues to evolve, it's essential for companies like TCS to prioritize their security protocols and invest in robust measures to protect against cyber threats.