U.Okay. retail large Marks & Spencer has confirmed hackers stole its prospects’ private info throughout a cyberattack final month.
In a brief statement with London’s inventory trade on Tuesday, the retailer stated an unspecified quantity of buyer info was taken within the knowledge breach. The BBC, which first reported the company’s filing, cited a Marks & Spencer online letter as saying that the stolen knowledge contains buyer names, dates of beginning, residence and e mail addresses, telephone numbers, family info and on-line order histories.
The corporate additionally stated it was resetting the web account passwords of its prospects.
Marks & Spencer continues to expertise disruption and outages throughout its shops, with some grocery cabinets remaining empty after the hack affected the corporate’s operations. The corporate’s on-line ordering system for purchasers additionally stays offline.
It’s not clear what number of people’ knowledge was stolen in the course of the hack. When reached by TechCrunch, Marks & Spencer spokesperson Alicia Sanctuary wouldn’t say what number of people are affected and referred TechCrunch to its on-line assertion. Marks & Spencer had 9.4 million on-line prospects as of 30 March 2024, per its most recent annual report.
A ransomware and extortion gang referred to as DragonForce reportedly took credit score for the cyberattacks on a number of U.Okay. retail giants, together with Marks & Spencer, per media reports.
U.Okay. retailers the Co-op and Harrods have been additionally focused by hackers at across the identical time as Marks & Spencer was hacked. The Co-op initially stated there was no proof that knowledge was compromised, however later stated the hackers had stolen buyer knowledge. In an replace to its website, the Co-op stated buyer names, dates of beginning, residence and e mail addresses, and telephone numbers have been exfiltrated.
The BBC reported last week that DragonForce claimed it had the personal info of 20 million individuals who signed as much as Co-op’s membership program, together with present and former members.
The U.Okay. Nationwide Cyber Safety Centre stated last week that it was “working with the victims and legislation enforcement colleagues” to know extra concerning the hacks.