Marks & Spencer (M&S), a fashion retail giant, experienced a cyberattack carried out by a group of English-speaking hackers using the illicit service DragonForce. The attackers used social engineering to gain access to M&S systems through a third party. The incident resulted in a significant financial loss, with the company reporting a loss of operating profit amounting to nearly 300 million pounds ($403 million). The attack raised concerns among shareholders and led to an internal investigation by TCS, the IT service provider for M&S.
TPRM report: https://scoringcyber.rankiteo.com/company/marks-and-spencer
"id": "mar821061925",
"linkid": "marks-and-spencer",
"type": "Cyber Attack",
"date": "6/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Fashion',
                        'name': 'Marks & Spencer',
                        'type': 'Retail'}],
 'attack_vector': 'Social Engineering',
 'date_publicly_disclosed': '2025-06-19',
 'description': 'A group of English-speaking hackers used the illicit service '
                'known as DragonForce to carry out a cyberattack on the '
                'fashion retail giant Marks & Spencer. The attack was carried '
                'out through social engineering, where hackers pretended to be '
                'someone trustworthy and tricked an employee into giving out '
                'passwords or login access.',
 'impact': {'financial_loss': '300 million pounds ($403 million)'},
 'initial_access_broker': {'entry_point': 'Third-party access'},
 'investigation_status': 'Ongoing',
 'motivation': 'Extortion',
 'post_incident_analysis': {'root_causes': 'Social engineering and third-party '
                                           'access'},
 'references': [{'date_accessed': '2025-06-19', 'source': 'Reuters'},
                {'source': 'BBC'},
                {'source': 'The Financial Times'}],
 'threat_actor': 'DragonForce',
 'title': 'Cyberattack on Marks & Spencer',
 'type': 'Cyberattack',
 'vulnerability_exploited': 'Human Factor'}