The supermarket was struck by a devastating cyber attack in April, which is projected to cost the business around £300 million
Marks & Spencer (M&S) has relaunched its website this week after a devastating cyber attack forced it to halt orders. The ransomware incident, which occurred in April, is believed to have resulted from ‘human error’ and is projected to cost the retail giant around £300 million.
While customers can once again purchase certain fashion and home products for delivery across England, Scotland, and Wales, it is important to recognise that some personal data was compromised during the hack.
This could have included names, email addresses, phone numbers, postal addresses, and dates of birth, as well as details related to online order history. So, what does this mean for you?
The Mirror has now spoken to Kian Rogers, a Penetration Tester at cybersecurity consultancy SecQuest, about the implications of such a leak. Although Kian said that technical information on the attack is still quite limited, there is one key thing that shoppers should keep in mind.
“Full names, date of birth, phone numbers, email addresses and entire order histories could have been stolen by ‘the group’,” the specialist explained. “Fortunately, M&S have stated that no passwords were stolen.
“…Although the stolen business information did not include passwords, M&S are forcing every user to change their password next time they log in, which is a great precaution to take. Now, the main risk to the average customer comes in the form of scams attempting to leverage the stolen business information.”
READ MORE: PMDD red flags as Vicky Pattison opens up about health battle
Unfortunately, cybercriminals are becoming increasingly adept at exploiting leaked personal data like phone numbers for a range of illegal activities. Consequences may vary from bothersome spam calls to advanced ‘phishing attacks,’ where criminals employ deceptive tactics to mislead victims into disclosing sensitive information.
Kian continued: “Customers who have shopped with M&S before should remain extra vigilant against scammers attempting to use this information. This could come in many forms, such as emails or phone calls, where the scammers claim to be legitimate and verify themself by using this stolen information.”
It’s crucial to note that while some personal customer data has been taken, there is currently no evidence that it has been shared. The compromised data also does not include usable payment details.
Only a few of the supermarket’s top-selling ranges can be delivered at this time, but M&S said there will be ‘an improvement every day’. While the supermarket is projected to reduce its group operating profits by around £300 million this year, it plans to offset this impact through cost management, insurance claims, and additional strategies.
READ MORE: Jamie Theakston in tears as he tells Davina McCall of ‘huge shock’ of diagnosisREAD MORE: Davina McCall says one thing was ‘the last bit of joy’ to return after brain surgery
In its most recent update, a supermarket spokesperson said: “A selection of our best-selling fashion ranges are now available online for home delivery to England, Scotland and Wales from today.
“More of our fashion, home and beauty products will be added every day and we will resume deliveries to Northern Ireland and Click and Collect in the coming weeks. Thank you sincerely for your support and for shopping with us.”
They also added: “More of our fashion, home and beauty ranges, as well as food and flowers, will be added over the coming weeks. You should see an improvement every day.”
M&S has been approached for further comment.
Get all the hottest shopping deals, cash-saving tips and money news straight to your phone by joining our new WhatsApp Community – The Money Saving Club. Just click this link to join https://crnch.it/eutplxS1
We also treat our community members to special offers, promotions, and adverts from us and our partners. If you don’t like our community, you can check out any time you like. If you’re curious, you can read our Privacy Notice here https://crnch.it/jeQqC872
