Terrifying message sent by ‘Chinese hackers' to M&S boss after crippling cyber attack on British retailer is revealed
The blackmail message is believed to have included a racist term
RANSOM DEMAND Terrifying message sent by 'Chinese hackers' to M&S boss after crippling cyber attack on British retailer is revealed
Click to share on X/Twitter (Opens in new window)
Click to share on Facebook (Opens in new window)
'CHINESE hackers' allegedly sent a terrifying message to the boss of Marks & Spencer following a crippling cyber-attack on the British retailer.
Fraudsters, believed to be from the hacking group DragonForce, are said to have emailed the company's chief executive Stuart Machin and seven other key executives.
Sign up for Scottish Sun
newsletter
Sign up
2
High street retailer Marks & Spencer was hit by a cyber attack over the Easter holiday
Credit: Alamy
2
M&S boss Stuart Machin, pictured, along with seven other company executives were emailed by the hackers, believed to be DragonForce
Credit: PA
The message, written in broken English, was sent on April 23, indicated that M&S was hacked by the ransomware group, although the retailer has not acknowledged this.
'We have marched the ways from China all the way to the UK and have mercilessly raped your company and encrypted all the servers,' the hackers wrote, according to the BBC.
'The dragon wants to speak to you so please head over to [our darknet website].'
The link to the darknet shared in the email led to a portal for victims of DragonForce to negotiate a ransom fee.
The hackers added: 'Let's get the party started. Message us, we will make this fast and easy for us.'
DragonForce's attack during the Easter holiday has been hugely damaging for one of Britain's best-known retailer and is thought to have cost the firm an estimated £300million.
After six weeks on from the attack, the retailer is still unable to process online orders.
The email was sent to Mr Machin along with seven other top executives, according to the corporation.
A racist term is also said to have been included in the blackmail message and also ended with an image of a fire-breathing dragon.
Along with installing ransomware in order to cripple M&S's IT system the hackers are also believed to have stolen private data from millions of customers.
The £3.50 M&S buy that'll make your whole house smell like a 'boujee candle'
Three weeks on from the attack, M&S informed customers that contact details and dates of birth from some shoppers had been obtained by a suspected cyber cartel.
M&S also admitted other personal details, including customers' order histories, had also been pilfered by online criminals.
Bosses though have stressed that no data relating to shoppers' payment, card details or account passwords had been obtained.
It is unclear how many customers have been affected by the data breach.
According to the company's full-year results, it had 9.4million active online customers in the year up to March 30.
The email apparently sent by DragonForce is thought to have bene sent using the account of an employee from IT company Tata Consultancy Services (TCS), which has provided IT services to the retailer for more than a decade.
The Indian IT worker, who is based in London, had an M&S email address but is paid employee of TCS.
Timeline of the attack Saturday, April 19: Initial reports emerge on social media of problems with contactless payments and click-and-collect services at M&S stores across the UK. Customers experience difficulties collecting online purchases and returning items due to system issues.
Initial reports emerge on social media of problems with contactless payments and click-and-collect services at M&S stores across the UK. Customers experience difficulties collecting online purchases and returning items due to system issues. Monday, April 21: Problems with contactless payments and click-and-collect persist. M&S officially acknowledges the "cyber incident" in a statement to the London Stock Exchange. CEO Stuart Machin apologises for the disruption and confirms "minor, temporary changes" to store operations. M&S notifies the National Cyber Security Centre (NCSC) and the Information Commissioner's Office (ICO) and engages external cybersecurity experts.
Problems with contactless payments and click-and-collect persist. M&S officially acknowledges the "cyber incident" in a statement to the London Stock Exchange. CEO Stuart Machin apologises for the disruption and confirms "minor, temporary changes" to store operations. M&S notifies the National Cyber Security Centre (NCSC) and the Information Commissioner's Office (ICO) and engages external cybersecurity experts. Tuesday, April 22: Disruptions continue. M&S takes further systems offline as part of "proactive management".
Disruptions continue. M&S takes further systems offline as part of "proactive management". Wednesday, April 23: Despite earlier claims of customer-facing systems returning to normal, M&S continues to adjust operations to maintain security. Contactless payments are initially restored, but other services, including click-and-collect, remain affected.
Despite earlier claims of customer-facing systems returning to normal, M&S continues to adjust operations to maintain security. Contactless payments are initially restored, but other services, including click-and-collect, remain affected. Thursday, April 24: Contactless payments and click-and-collect services are still unavailable. Reports surface suggesting the attackers possibly gained access to data in February.
Contactless payments and click-and-collect services are still unavailable. Reports surface suggesting the attackers possibly gained access to data in February. Friday, April 25: M&S suspends all online and app orders in the UK and Ireland for clothing and food, although customers can still browse products. This decision leads to a 5% drop in M&S's share price.
M&S suspends all online and app orders in the UK and Ireland for clothing and food, although customers can still browse products. This decision leads to a 5% drop in M&S's share price. Monday, April 28: M&S is still unable to process online orders. Around 200 agency workers at the main distribution centre are told to stay home.
M&S is still unable to process online orders. Around 200 agency workers at the main distribution centre are told to stay home. Tuesday, April 29: Information suggests that the hacker group Scattered Spider is likely behind the attack. Shoppers spot empty shelves in selected stores.
Information suggests that the hacker group Scattered Spider is likely behind the attack. Shoppers spot empty shelves in selected stores. Tuesday, May 13: M&S revealed that some customer information has been stolen.
M&S revealed that some customer information has been stolen. Wednesday, May 21: The retailer said disruption from the attack is expected to continue through to July.
The retailer said disruption from the attack is expected to continue through to July.
It's thought the worker was among the victims hacked.
The company had previously said it is investigating if it was a gateway for the cyber attack.
It has since informed the BBC the email was not sent from its system and had nothing to do with the security breach.
M&S has declined to comment on the latest revelations.
A spokesperson for the company told The Sun Online: 'We cannot comment on details of or speculation on the cyber incident, and we have been advised not to.'
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Glasgow Times
2 hours ago
- Glasgow Times
Nexus Packaging expands Glasgow site with fresh investment
Nexus Packaging has announced the second phase of expansion at its advanced blow moulding site, which is part of its broader mission to innovate, boost energy efficiency, and nurture new talent within the UK's blow moulding industry. The 57,000 sq ft site, which opened in 2024, boasts nine all-electric Magic blow moulding machines, alongside state-of-the-art compressors, chillers, blending systems, and solar panels. (Image: Supplied) Chris Wagner, the director, said: "We're now moving into the next phase of development, with plans to build an additional 20,000 sq ft of storage and install four new machines. "These will be largely dedicated to custom tool designs, giving us greater flexibility and speed in servicing our clients. Read more: Further man arrested in Glasgow amid suspected 'gang war' Eddie Lyons Jnr on holiday with golf club from near Glasgow when killed in Spain Police staff could strike in row over 'huge cuts' "The West of Scotland has a proud legacy of skilled engineering. "We've been able to recruit a strong team of young technicians and machine operators, many of whom are working alongside experienced moulders from our original 1990s plant who've returned to support this new chapter." Nexus believes this blend of fresh talent and seasoned expertise provides a distinct advantage in an industry where many competitors rely on dated operations and infrastructure. Mr Wagner said: "Modern blow moulding machinery now runs via touch screen interfaces. "To get the best out of this technology, you need fresh minds and modern thinking." He remains committed to revitalising the UK's manufacturing base. Mr Wagner said: "Over the last 25 years, a lack of investment in people and machinery has shifted much industrial blow moulding production overseas. "We're working hard to reverse that trend to bring jobs, innovation, and pride back to British manufacturing."
South Wales Argus
3 hours ago
- South Wales Argus
LTA announces commitment to equal prize money by 2029
For the first time this year, all the LTA's grass court events will feature both men and women's tennis as part of a commitment to give British fans the opportunity to watch the best players, men and women, on home soil and bring women's tennis to a larger audience. The HSBC Championship at Queen's Club will stage a women's WTA 500 and a men's ATP 500 event, whilst the Lexus Eastbourne Open will stage a women's WTA 250 and a men's ATP 250, both tour events of the same level. This year, the events will be providing not just the same experience for fans and players, but a move to true equal prize money over time for the players involved. There are currently material differences between the prize money levels on the women's WTA and men's ATP tours. Whilst the minimum prize money levels are set by the tours themselves, the LTA, with the full support of the WTA, has chosen to significantly uplift the WTA prize money at Queen's and Eastbourne in 2025 and will fully close the gap between WTA and ATP prize money at these events no later than 2029. This year the WTA 500 prize money at the HSBC Championships will rise to a record $1.415m. The HSBC Championships will be the highest paying WTA 500 event, of its draw size, in the world this year. The WTA 250 prize money at the Lexus Eastbourne International will rise to $389,000 – making this the highest paying WTA 250 event anywhere on the tour. Scott Lloyd, LTA Chief Executive said: 'We are making significant increases this year to the women's prize money at Queens and Eastbourne and want to achieve equal prize money as soon as possible. 'The LTA is committed to growing women's tennis, both at professional and grass-roots level and this move is an important part of that commitment. This year fans will be able to enjoy both men's and women's tennis on the biggest stages that we can offer and we want to develop the tournaments so that the women's events deliver a path to profitability and greater visibility for the sport. 'We aspire to play a leading part in the growth and development of women's tennis globally, and we'll continue to explore new ways in which we can do this.' Portia Archer, WTA CEO said: 'We fully support the LTA's initiatives to increase the women's prize pot at its events, with a goal of achieving parity in the longer term. WTA athletes deliver consistently engaging and powerful games on court to entertain courtside fans and worldwide audiences. 'This move sends a powerful message that the women's game is valued and will inspire new generations of girls picking up racquets to know their endeavours will be recognised.'
The Herald Scotland
4 hours ago
- The Herald Scotland
Lord Sainsbury: Give Glasgow greater devolved powers
"A major challenge which government faces if it wants to increase Scotland's rate of growth is a way to find and support such clusters," he said. "All the evidence from other countries suggests that the only way to effectively support clusters is to do so at a city region level. Read more: "I appreciate in Scotland, unlike in England, metro mayors have not yet been introduced, but if you want to support high-tech clusters, this is something I think you should seriously consider, with Greater Glasgow being given powers similar to those devolved to Greater Manchester and the West Midlands." Lord Sainsbury was speaking at the Creating the Jobs of Tomorrow conference organised by Glasgow Chamber of Commerce, where he was introduced to the stage by former Labour chancellor and prime minister Gordon Brown. Mr Brown said growth and productivity have been perennial problems in the UK and Scotland, with innovation the key to boosting performance. A new study by economist Dan Turner, head of research at the Centre for Progressive Policy, has suggested this could unlock the creation of hundreds of thousands of high-value jobs. "There are huge sources of innovation and inventiveness in Scotland, just as has been traditional in our history," he said. "The question is can we turn that into scalable companies that stay in Scotland, invest in Scotland, create jobs in Scotland, and Dan's study suggests we could create 300,000 jobs in the next 10 years. "That's 300,000 well-paying jobs, 120,000 in the new industries, the spin-offs in terms of the service sector another 180,000 - that is a possibility if we invest in the infrastructure, the skills, and the development necessary to achieve that." Lord David Sainsbury (Image: Nate Cleary) Lord Sainsbury is a Labour peer and served as minister for science and innovation under Mr Brown and his prime ministerial predecessor, Tony Blair, between 1998 and 2006. He was appointed a life peer in 1997. Lord Sainsbury said there are new opportunities for employment and growth in sectors such as quantum computing, artificial intelligence and biotechnology. "There are economists that will argue that it is investment that is the engine of economic growth, but we have to realise today that capital flows easily around the world, and it flows as it has always done, to where the best investment opportunities are created by innovation," Lord Sainsbury said. "You can sit in London today and you can invest in Silicon Valley, you can invest in practically any country - until recently you could even invest in Chinese venture capital - because that is what modern communication enables you to do. That is why investment is not the real driver of the economy, it's innovation." Among the other speakers was Michael Spence, who won the Nobel Prize in Economics in 2001 for his work in the analysis of markets with information imbalances. Read more: "There are two things that [people] associate with Adam Smith correctly," Mr Spence said. "One the 'invisible hand', which is the market system is a reasonably efficient tool for decentralising and allocating resources. "That actually is not the most important thing that Adam Smith said, but it's the one that neo-conservatives remember because they elevate market systems to the status of a religion, rather than a way of accomplishing economic and social goals. The most important one for our purposes is specialisation. "Adam Smith meant specialisation within an economy, when of course everything that David Sainsbury talked about in the global economy is just the Adam Smith insight writ large, and of course it is the ultimate source of growth. "Without specialisation you don't get scale of spread your activity over too much territory, and you don't get innovation. You get nothing if everybody has to do everything. "The fundamental message I want to deliver today is that's still true, and that growth is fundamentally about specialisation and structural change."
