Ransomware cyber

Marks and Spencer

May 13, 2025 1 min read
Marks and Spencer

Marks and Spencer (M&S) has confirmed that customer information has been taken following a cyberattack. The attack has caused significant disruption, with online orders still affected weeks later. In a letter to customers, the retail giant revealed that personally identifiable information (PII) has been stolen by cybercriminals. This forced the firm to disable online shopping orders, click and collect, and contactless payments in some stores. The incident, which seems to have been a ransomware attack, took systems offline and caused undeniable disruption to the retailer’s operation.

Source: https://www.techradar.com/pro/security/customer-data-stolen-in-m-and-s-cyberattack

TPRM report: https://scoringcyber.rankiteo.com/company/marks-and-spencer

"id": "mar347051325",
"linkid": "marks-and-spencer",
"type": "Ransomware",
"date": "5/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Retail',
                        'name': 'Marks and Spencer',
                        'type': 'Retail'}],
 'data_breach': {'personally_identifiable_information': True,
                 'type_of_data_compromised': 'Personally Identifiable '
                                             'Information (PII)'},
 'description': 'Marks and Spencer (M&S) has confirmed that customer '
                'information has been taken following a cyberattack. The '
                'attack has caused significant disruption, with online orders '
                'still affected weeks later. In a letter to customers, the '
                'retail giant revealed that personally identifiable '
                'information (PII) has been stolen by cybercriminals. This '
                'forced the firm to disable online shopping orders, click and '
                'collect, and contactless payments in some stores. The '
                'incident, which seems to have been a ransomware attack, took '
                'systems offline and caused undeniable disruption to the '
                'retailer’s operation.',
 'impact': {'data_compromised': ['Personally Identifiable Information (PII)'],
            'downtime': ['Online orders affected for weeks'],
            'operational_impact': ['Significant disruption',
                                   'Systems taken offline'],
            'systems_affected': ['Online shopping orders',
                                 'Click and collect',
                                 'Contactless payments']},
 'response': {'communication_strategy': ['Letter to customers'],
              'containment_measures': ['Disabled online shopping orders',
                                       'Disabled click and collect',
                                       'Disabled contactless payments in some '
                                       'stores']},
 'title': 'Marks and Spencer Data Breach and Ransomware Attack',
 'type': 'Ransomware Attack'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.