What to know about Marks & Spencer’s cyber attack
Visual of Marks & Spencer's new flagship store on SouthGate, Bath. Credits: Marks & Spencer. Almost a week has gone by since Marks & Spencer’s put a halt on online orders as it attempted to grapple with a cyber attack on its systems. Little is still known about what the incident involved and how the company, its employees and customers have been impacted. Yet now, with local police getting involved and speculation surrounding who was behind the attack mounting, a clearer picture is unravelling. Here is what we know… What happened? Over a week ago, Marks & Spencer customers were greeted by disruptions to the company’s website, while reports of contactless payments and click and collect orders were also on the rise. By April 22, the British department store confirmed it was dealing with a cyber attack, and as a result, on April 25, halted its online orders through its app and website, as well as pausing in-store contactless payments. “Some delay to online delivery times” was also to be expected, according to its statement on the day. How has this impacted Marks & Spencer? On April 25, Marks & Spencer said it had opted to “move some of our processes offline to protect our colleagues, partners, suppliers and our business”, however, did not disclose further details of the incident. The company simply stated that customers did not, at that moment, need to take any action. As the days unfolded, the aftermath of the attack also continued to unfold. Various media reports suggested that some Marks & Spencer stores had been left with empty shelves. A spokesperson confirmed that the incident had resulted in “pockets of limited availability” for some of its sites as some systems remain “temporarily offline”. The Times, meanwhile, said the company had enacted a freezing hire until operations were back to normal, while some departments of the company had been told to work from home in response to the issues. Financially, the retailer is also feeling the effects. Marks & Spencer’s share price has fallen 6.5 percent since the issue began and, with its online website being a major part of operations, it is anticipated that its financial results for the current quarter will also feel the brunt. How is the issue being resolved? Marks & Spencer has reaffirmed in its two public statements that it has a team working on restoring its systems. The incident is currently being assessed by the Information Commissioner’s Office, which told the BBC that it had reported the attack to the National Cyber Security Centre. Now, the local authorities are also involved. On April 31, the Metropolitan Police confirmed to various media that officers from its cyber crime unit had been assigned to investigate the case. Further details from the police were not shared. Who is responsible? Speculation as to who is responsible for the attack continues to mount and Marks & Spencer itself has not yet confirmed the cause. What is known is that it was a ransomware attack, which involves the collection and holding of data in return for a ransom. Among those being suspected are that of Scatter Spider. The group–known to include people from their 20s from the UK and the US–are said to have encrypted key Marks & Spencer systems using ransomware, claimed BleepingComputer. According to the tech site, hackers had stolen data as far back as February to help them get into the system before they then encrypted access to the server using ransomware operator DragonForce. Threats to other companies Days after the attack on Marks & Spencer, supermarket chain Co-op also confirmed it had shut down parts of its IT systems following an attempted breach. The company had confirmed the attempts to BleepingComputer, but had not disclosed whether they were successful. The retailer said in a statement that there was “small impact on some of our back office and call centre services”.
Almost a week has gone by since Marks & Spencer’s put a halt on online orders as it attempted to grapple with a cyber attack on its systems. Little is still known about what the incident involved and how the company, its employees and customers have been impacted. Yet now, with local police getting involved and speculation surrounding who was behind the attack mounting, a clearer picture is unravelling. Here is what we know…
What happened?
Over a week ago, Marks & Spencer customers were greeted by disruptions to the company’s website, while reports of contactless payments and click and collect orders were also on the rise. By April 22, the British department store confirmed it was dealing with a cyber attack, and as a result, on April 25, halted its online orders through its app and website, as well as pausing in-store contactless payments. “Some delay to online delivery times” was also to be expected, according to its statement on the day.
How has this impacted Marks & Spencer?
On April 25, Marks & Spencer said it had opted to “move some of our processes offline to protect our colleagues, partners, suppliers and our business”, however, did not disclose further details of the incident. The company simply stated that customers did not, at that moment, need to take any action.
As the days unfolded, the aftermath of the attack also continued to unfold. Various media reports suggested that some Marks & Spencer stores had been left with empty shelves. A spokesperson confirmed that the incident had resulted in “pockets of limited availability” for some of its sites as some systems remain “temporarily offline”. The Times, meanwhile, said the company had enacted a freezing hire until operations were back to normal, while some departments of the company had been told to work from home in response to the issues.
Financially, the retailer is also feeling the effects. Marks & Spencer’s share price has fallen 6.5 percent since the issue began and, with its online website being a major part of operations, it is anticipated that its financial results for the current quarter will also feel the brunt.
How is the issue being resolved?
Marks & Spencer has reaffirmed in its two public statements that it has a team working on restoring its systems. The incident is currently being assessed by the Information Commissioner’s Office, which told the BBC that it had reported the attack to the National Cyber Security Centre. Now, the local authorities are also involved. On April 31, the Metropolitan Police confirmed to various media that officers from its cyber crime unit had been assigned to investigate the case. Further details from the police were not shared.
Who is responsible?
Speculation as to who is responsible for the attack continues to mount and Marks & Spencer itself has not yet confirmed the cause. What is known is that it was a ransomware attack, which involves the collection and holding of data in return for a ransom.
Among those being suspected are that of Scatter Spider. The group–known to include people from their 20s from the UK and the US–are said to have encrypted key Marks & Spencer systems using ransomware, claimed BleepingComputer. According to the tech site, hackers had stolen data as far back as February to help them get into the system before they then encrypted access to the server using ransomware operator DragonForce.
Threats to other companies
Days after the attack on Marks & Spencer, supermarket chain Co-op also confirmed it had shut down parts of its IT systems following an attempted breach. The company had confirmed the attempts to BleepingComputer, but had not disclosed whether they were successful. The retailer said in a statement that there was “small impact on some of our back office and call centre services”.
![Video: Marine Serre on Building an Independent Label [English]](https://r.fashionunited.com/LqmL4gcTYaW-0R1pmasQw2Q6yxCrLLvNKSMy3RmjiQg/resize:fit:1200:630:0/gravity:ce/quality:70/aHR0cHM6Ly9mYXNoaW9udW5pdGVkLmNvbS9pbWcvdXBsb2FkLzIwMjUvMDQvMDQvbWFyaW5lLXNlcnJlLW0tczI0LTAzMC16em01bWVqYi0yMDIzLTA4LTIwLXBkNnpmbzc4LTIwMjUtMDQtMDQuanBlZw.jpeg)
