Latest news with #phishingscams
The Independent
03-06-2025
- Business
- The Independent
All the customer data stolen in Cartier cyber attack
Luxury jewellery company Cartier has notified customers of a data breach where hackers stole limited client information, including names, email addresses, and countries. The company says the breach has been contained, and no passwords, credit card details, or banking information were compromised. Cartier has informed relevant authorities and is working with cybersecurity experts to enhance system protection. Marks & Spencer, Dior, and The North Face have also reported recent cyberattacks, with experts warning customers to be wary of phishing scams. Other recent cyberattack attempts include London department store Harrods, following incidents at Marks & Spencer and the Co-op Group.
Sky News
14-05-2025
- Business
- Sky News
What should M&S customers do after criminals stole personal data in huge attack?
The personal data of M&S customers has been stolen by hackers during a huge cyber attack that may have cost the company millions. So what should those customers do now? The retail giant admitted on Tuesday that some data had been stolen but reassured customers that no "usable payment or card details" were taken. Passwords were also not included in the stolen data but there are reports that contact details like names, addresses and phone numbers were taken. There is no evidence the data has been shared, M&S confirmed to Sky News on Wednesday. Despite M&S saying customers "do not need to take any action" aside from changing their password next time they log in, cybersecurity experts are worried. Here's what they want you to do if you have an M&S account. Watch out for phishing scams "We often see a spike in phishing emails, fake delivery texts and scam calls after breaches like this, particularly when order history or usernames are involved," said Charlotte Wilson, head of enterprise at cybersecurity firm Check Point. "This is not about panic, but it is a reminder that cybersecurity is not just about technology," she said. These scams can appear more convincing because hackers can include personal details like your name, address or phone number, stolen in attacks like the one on M&S. "Some criminals may impersonate a well-known organisation and convince victims of their credibility by providing their name, address and date of birth - before using this false credibility to scam the victim out of their money," said Sam Kirkman from NetSPI. 1:21 In fact, the criminal group reportedly behind the M&S attack is known to use tactics like this to scam people. Rather than using software to hack past company firewalls, Scattered Spider hackers target human vulnerabilities and trick people into giving them access. "Remember that we will never contact you and ask you to provide us with personal account information, like usernames, and we will never ask you to give us your password," said M&S operations director Jayne Wall in a message to customers. Stop, challenge, protect Mr Kirkman recommends following the "stop", "challenge" and "protect" steps of Take Five, a national campaign aimed at protecting people from cybercrime: Stop: Take a moment to stop and think before parting with your money or information. It could keep you safe. Challenge: Ask yourself, could it be fake? It's ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you. Protect: Contact your bank immediately if you think you've been scammed and report it to Action Fraud at or on 0330 123 2040. Change passwords M&S said no passwords were stolen in the data breach but Clare Loveridge from cybersecurity firm Arctic Wolf still says it is a "good idea" to change their passwords across all online accounts. "Likewise, taking additional steps like activating two-step authentication will also improve protection, if it's not been done already," she said. This is because attackers may test reused passwords or login credentials stolen in previous data breaches.
