British Retail Giant Marks & Spencer (M&S) and the Iconic Knightsbridge Department Store, Harrods, Have the Become The Latest to Be Hit by Cy Cyberattacks in the UK.
Online Orders at M&S, One of the United Kingdom’s Most Prominent High-Street Stores, Remain Paused and the Attack Has Already Cost The Company Millions of Pounds in Lost Reveues.
Here is What We know about the incident, its effects and Where Things Stand.
What Happened in the Cyberattack On Harrods and Marks and Spencer?
- April 21: CUSTOMRS BEGIN REPORTING ISSUES MAKING CONTACLESS PAYMENTS AND BOOKING CLICK-AND-COLLECT SERVICES (ORDERING ONLINE AND PICKING UP IN STORE) AT MARKS & SPERC. SIDE THAT Day, The Company confirms it is dealing with a “Cyber Incident”.
- April 25: M&S suspends All online Orders and Pulls its More than 200 Job Listings offline. Signs Begin Appearing in Stores Warning of Limited Food Availability. Gift Cards and Returns at M&S Food Stores Cannot Be Processsed.
- April 28: Som M&S Stores Report Emty Shelves and A Shortage of Popular Items Like Percy Pigs Sweets. ABOUT 200 AGENCY WORKERS AT THE CASTE DONINGTON WAREHOUSE IN THE UK’S EAST MIDLANDS ARE TOLED TO STAY HOME. Stores Continue to Suffer From Shortages.
- April 29 – May 2: M & s’s website remable to process online orders; Job Applications are Still Paused. The retailer has issued no Further Public Updates. Physical Stores Remain Open, But Sub Product Lines Remain Unavilable.
- April 30: The United Kingdom’s Metropolitan Police Force Confirms It is investigating the Attack.
- May 1: UPMARKET LONDON DEPARTMENT STORE HARRODS CONFIRMS A CYBERTACK BUT ASSURES CUSTOMERS THAT ITS OPERATIONS CONTINUE AS NORMAL. The Company has not revealed How Severe The Breach is or if customer data has been exposed.
Is M&S Back Online?
M & S’s Online Services have not full sumumed. CUSTOMERS CAN BROWSE ONLINE BUT THE CANNOT COMPLETE PURCHASES. Sub Difficulties Also Continue In Stores, With Gift Cards Not Currently Being Accepthed.
The Company has not provided Timeline for Recovery.
WHY WERESESE RETAILERS ATTACED?
Although M & s has not confirmed the type of cyberattack it suffered, experts say the company Shutdown of Systems Points to a Likely Ransomware Incident.
RANSOMWARE IS A TYPE OF MALICIOUS SOFTWARE WHICH BLOCKS ACCESS TO FILES OR SYSTEMS UNTIL A RANSOM HAS BEEN PAID – USUALLY IN CRYPTOCURRECY. This Sort of Software Can Shut Down Operations and Hold Critical Data Hostage.
Harrods have not shared details about it Cyberattack, but experts Believe the incidents may be connected.
Both The Metropolitan Police and the National Cyber Security Center (NCSC) are investigating the cyber attacks. The NCSC you have urged all retailers to tighten their cybersecurity and advise consumers to check bank activity and update passwords.
WHHO IS BEHIND THE LATEST CYBERTACK?
The Attack On M & s has Been Linked by Cybersecury Observers to a Group Calle Scattered Spider, which is Also Known as Octto Tempest.
This Network of Mostly Young, English-Speaking Ho-Use Tricks Like Phishing Number) and multi-factor authentication fatigue (Sending Repeated Login Requets Until Subject Acknowledby APPROVES ONE) TO BREAK INTO COMPANY SYSTEMS.
Scattend Spider is Believed to have access to M&S Systems Using Ransomware Calle Dragonforce.
ONE OF THE MOST COMMON WAYS RANSOMWARE INFILTATOS A SYSTEM IS THRUTH PHISHING EMAILS, ACCORDING TO CYBERSECURITY FIRM AKAMAI. COMMON TO ALL THE METHODS IS “THE AIM OF EXPLOITING EITHER A HUMAN ERROR OR A TECHNICAL VULNERABILITY”, ITS WEBSITE EXPLANS.
Once Inside, The Malware Sp preads and Encrypts Important Files, Locking Them So The Company Can’t Access Or Use Them. The Hackers Than Demand A Ransom in Exchange for a Key to Unlock The Data.
Tim Mitchell, a Senior Security Researcher at SecureWorks, Toled The UK’s Guardian Newspaper that scattred spider is an unusual hacking Group Because Most Cybercriminal Networks Tender To Operate Out of Counter Like Russia, WHERE LOOSER ENROCORCEMENT PROVIDES A MAN Environment ”for Cybercrime.
The World Cybercrime Index Ranks Russia As The Country Posing the Highest Cybercrime Threat, Followed by Ukraine, China, The United States, Nigeria and Romania.
How Much Has This Attack Cost The Companies?
Since The Attack, More than 700 Million Pounds ($ 930m) You have been wiped off Marks & Spencer’s Market Value, With ITS Share Price Falling 6.5 Percent – Including at 2.2 Percent Drop on the First Day of Disruptions Alone.
Online Shopping, Which Makes Up About One-Third of M & S’s Clothing and Home Sales, Generates Roughly 3.8 Million Pounds ($ 5.05m) In Daily Revenue-A Stream Now Halted Due to The Ongoing Shutdown.
The Company Has Also Paused Recruitment, Remaving Nearly 200 Job Listings from its Website.
Harrods, Meanwhile, you have not disclossed Any Financial Losses. As a Privately Held Company, It Does Not Have a Stock Price and Typically Does Not Make ITS Financial Information Public.
How Have Harrods and M&S replied?
M&S Initially replied promptly to the cyberattack, informing customs of the breach and pausing affected Services Early on. However, Communication you have since Stalled, with only official statements surveased – The Last on April 25.
The retailer confirm it took systems offline “As a precaution”, Affecting Both in-Store Stock and Logistics.
Harrods, Meanwhile, you have not disclossed Any Financial Losses. A Spokesperson Said Harrods Is “Working Closely With Leading Cybersecury Experts and Law Enforcement to Investigate The Incident and Reure The Integrity of Our Systems.”
Has similar Cyberattacks Occurred Recently?
Forks. M&S and Harrods are the latest in the uk to be affected by cyberattacks.
Co-Operative Group (CO-OP), A British Consumer Cooperative That Operates Food Stores, Funeral Services and Other Businesses, Also Faced An Attempted Breach The Same Week. IT Shut Down Parts of its It System, Affecting Back-Office and Call Center Functions. Retained Open stores.
Synnovis, a partner of the uk’s National Health Service, was by by a ransomware Attack in June 2024, Delaying More than 11,000 Medical Appointments While Patient Data It Relied on Was Locked. The Russian-Linked Cybercriminal Group, Qilin, Demanded $ 50m to Restore Access, But Synnovis Refused to Pay, Adhering to the UK Government’s Policy Against Paying Cybercriminals. In Response, The Group posted the Stolen Data Online Including Names, Dates of Birth, NHS Numbers and Details of Blood tests.
ACCORDING TO THE UK GOVERNMENT’S CYBER SECURITY BREACHES SURVEY, 74 PESENT OF LARGE BUSINESES WERE TARGEDED IN CYBERATTACKS IN 2024. THE INFORMATION COMMISSIRENER’S OFFICE ALSO REMINED 40 PERENT RISE IN DATA BREACHES IN THE RETAIL SECTOR IN 2023 ALONE.
