Latest news with #SparksPay
Tom's Guide
13-05-2025
- Business
- Tom's Guide
M&S customer data was stolen in last month's cyberattack — how to stay safe
The Marks and Spencer (M&S) cyberattack that occurred last month on April 22, 2025 managed to use Scattered Spider social engineering tactics to breach the network, encrypt VMware ESXi virtual machines on the company's servers and then impact business operations for the retailers 1,400 stores so severely that the company has to stop accepting online orders. Now, M&S confirms that additionally customer data was stolen in the cyberattack. Specifically: full names, email addresses, home addresses, phone numbers, dates of birth, online order history, household information, Sparks Pay reference numbers and 'masked' payment card details. BleepingComputer was the first to report that DragonForce ransomware affiliates were responsible for the attacks. Since the breach M&S has been conducting an investigation which revealed the theft of customer data and sensitive personal information. Despite that, M&S CEO, via a letter on the company's Facebook page has said there is no need for customers to take any action. The letter also states there is no evidence that the stolen data has been shared, and there is no evidence that any usable card or payment details were taken. The company said customers have been written to inform them of the details. While all customers with active M&S accounts will be prompted to reset their passwords the next time they attempt to log in using either the website or the app, it's always a good idea to reset a password after a data breach. You can also sign up for one of the best password managers to make sure your passwords are better protected and easy to change as well. Also, an M&S spokesperson warned BleepingComputer that customers might receive emails, calls or texts claiming to be from M&S or asking for personal information like usernames and passwords. M&S customers should be particularly on guard against these types of phishing attempts and should never give out personal information to anyone claiming to be from the company. For added protection, you should also check out some of the best identity theft services as well, which will help protect you against anything that could go wrong like having your identity stolen or losing money to fraud after your data is stolen in a breach. Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
Yahoo
13-05-2025
- Business
- Yahoo
M&S says hackers gained access to customer data in April cyberattack
This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. Marks and Spencer Group has begun notifying customers that hackers accessed some of their data in an April cyberattack, according to a trading update released Tuesday. The British retailer said the information does not include 'usable payment or card details,' which it does not store on its own systems, nor any password information. However, customers will be prompted to reset their passwords the next time they visit M&S online or attempt to log in to their accounts, according to the update from CEO Stuart Machin. The company has shared information about how to remain safe online, according to the update. M&S is one of three major U.K. retailers — along with the famed Harrods department store and the supermarket chain Co-op — to be targeted in a recent cyberattack spree by highly skilled hackers. The notorious cybercrime group Scattered Spider has been linked to the attack, although a separate group called DragonForce has claimed credit for the intrusions. The attacks disrupted online purchases and impacted some store inventories. The U.K.'s National Cyber Security Centre issued a statement earlier this month confirming that it was working with the retailers to get a better understanding of the attacks. NCSC CEO Richard Horne described the incidents as a wakeup call, and officials released guidance for how to mitigate future ransomware attacks. In a note to customers from Jayne Wall, M&S's operations director, the company said the stolen customer information could include basic contact details, dates of birth and online order histories. Payment information might have been stolen, the company said, but detailed payment card data would be masked and would, therefore, be unusable. The stolen information could also include customer reference numbers for M&S credit card or Sparks Pay holders, according to a frequently asked questions page. Customers were warned to be on alert for fraudulent calls, emails or text messages claiming to be from the retailer. Despite the lack of actionable payments information, customers should remain vigilant about hackers potentially abusing the additional personal details, according to Matt Hull, head of threat intelligence at NCC Group. 'Despite the absence of financial data or passwords, threat actors could potentially use the stolen information to launch targeted social engineering attacks,' Hull said. 'Stay vigilant for phishing messages pretending to be from M&S or other companies you've dealt with.'
