M & S hit by Ransomware Attack 🏴‍☠️🚩

M&S Cyber Attack: Ransom Demand and ImplicationsMarks & Spencer (M&S) has confirmed a cyber attack by the hacking group DragonForce, which sent an abusive ransom email to CEO Stuart Machin. The email, written in broken English, claimed that M&S’s systems had been encrypted and customer data stolen, costing the retailer approximately £300 million. The attack utilized an employee email account from Tata Consultancy Services, raising questions about security vulnerabilities. The hackers provided a darknet link for ransom negotiations and implied knowledge of M&S’s cyber-insurance policy. This incident also correlates with a simultaneous attack on the Co-op, suggesting a broader threat landscape. Investigations are ongoing, with speculation about the involvement of a collective known as Scattered Spider, which has garnered attention from the UK’s National Crime Agency. M&S has not confirmed if any ransom has been paid.