Marks & Spencer Confirms Personal Data Breach: Customers' Information Stolen in Major Hack

Marks & Spencer Confirms Personal Data Breach: Customers’ Information Stolen in Major Hack

In recent news, U.K. retail giant Marks & Spencer has confirmed a significant data breach, revealing that hackers accessed personal information of its customers. This cyberattack, which occurred last month, has raised concerns regarding data security in the retail sector.

Details of the Cyberattack on Marks & Spencer

In a statement released to London’s stock exchange, Marks & Spencer disclosed that an unspecified amount of customer information was compromised during the incident. According to a report by the BBC, the stolen data includes:

  • Customer names
  • Dates of birth
  • Home addresses
  • Email addresses
  • Phone numbers
  • Household information
  • Online order histories

Actions Taken by Marks & Spencer

In response to the breach, Marks & Spencer has initiated a password reset for its online accounts to enhance customer security. However, the company continues to face significant disruptions across its operations:

  • Some grocery shelves remain empty due to operational challenges.
  • The online ordering system is currently offline.

Impact on Customers and Retail Sector

While Marks & Spencer has not disclosed the exact number of affected individuals, the retailer had approximately 9.4 million online customers as of March 30, 2024, according to its latest annual report. A spokesperson for the company, Alicia Sanctuary, directed inquiries to the official statement without providing further details.

Other Retailers Targeted

Marks & Spencer is not alone in this cyber crisis. The DragonForce gang has claimed responsibility for attacks on several U.K. retailers, including the Co-op and Harrods. Initially, the Co-op reported no evidence of data theft but later acknowledged that customer data was indeed compromised. The stolen information included:

  • Customer names
  • Dates of birth
  • Home and email addresses
  • Phone numbers
READ ALSO  Tata Technologies Faces Ransomware Attack: Ongoing Investigation into IT Asset Breach

Recent reports indicate that DragonForce claims to possess the private information of around 20 million individuals who participated in the Co-op’s membership program.

Government Response and Cybersecurity Measures

The U.K. National Cyber Security Centre has stated that it is collaborating with the affected retailers and law enforcement agencies to investigate the breaches and improve cybersecurity measures within the retail sector.

As concerns grow over data privacy, consumers are advised to remain vigilant and monitor their accounts for any suspicious activity. For more information on protecting your personal data, visit FTC – How to Keep Your Personal Information Secure.

Similar Posts

Ultimate TechCrunch Cyber Glossary: Your Go-To Guide for All Things Cybersecurity

Ultimate TechCrunch Cyber Glossary: Your Go-To Guide for All Things Cybersecurity

Bysupport

TechCrunch has created a comprehensive glossary to clarify common cybersecurity terminology for professionals and enthusiasts. This resource will be regularly updated to reflect evolving terms in the field. Key terms include Advanced Persistent Threat (APT), which refers to long-term unauthorized access by hackers; backdoor, a method to bypass system security; and botnet, a network of compromised devices used for attacks. Other terms discussed include ransomware, phishing, and vulnerabilities. The glossary aims to enhance understanding of cybersecurity concepts and welcomes feedback for improvement. For further details, readers can explore TechCrunch’s cybersecurity section or reference credible sources like CISA and Kaspersky.

Chris Krebs, Ex-CISA Director, Stands Strong Against Trump-Ordered Federal Investigation

Chris Krebs, Ex-CISA Director, Stands Strong Against Trump-Ordered Federal Investigation

Bysupport

Chris Krebs, the former cybersecurity chief under Trump, plans to challenge a federal investigation initiated by Trump, which questions his integrity for allegedly denying the legitimacy of the 2020 election. Krebs will resign from cybersecurity firm SentinelOne to confront the investigation, which has led to the revocation of his security clearance. He voiced concerns about government overreach, stating it punishes dissent and affects corporate relationships. Krebs, dismissed in November 2020 after contradicting Trump’s election claims, is part of a broader movement opposing the Trump administration’s targeting of critics. The outcome of his legal battle could impact cybersecurity governance in the U.S.

Unveiling the Truth: What PowerSchool Isn't Telling You About Its Massive Student Data Breach

Unveiling the Truth: What PowerSchool Isn’t Telling You About Its Massive Student Data Breach

Bysupport

The recent PowerSchool data breach is one of the year’s most significant cybersecurity incidents, affecting millions of students and schools across the U.S. PowerSchool, a K-12 software provider, confirmed unauthorized access through its customer support portal, exposing sensitive personal information, including Social Security numbers. The breach, discovered on December 28, 2024, involved compromised credentials and lacked multi-factor authentication. Critical questions remain regarding the scale of the impact, extent of data theft, and ransom payment details. Schools are now working to protect students’ personal information amidst ongoing frustrations over PowerSchool’s lack of transparency. Updates are expected as the situation unfolds.

Exploring the Influential Figures in Elon Musk's DOGE Universe

Exploring the Vibrant Community Behind Elon Musk’s DOGE Universe

Bysupport

Elon Musk has established a vast network of companies that serves as an incubator for engineering and tech talent, intersecting with the U.S. federal government through the Department of Government Efficiency (DOGE). This collaboration highlights Musk’s influence in the tech industry, with a TechCrunch investigation revealing key individuals linked to him within DOGE. The team includes Musk as the lead, along with experienced insiders and engineers dedicated to improving government efficiency. The investigation utilized public records and interviews, uncovering insights like an xAI-powered chatbot related to DOGE. The evolving team aims to enhance governmental operations while attracting top talent.

Conduent Confirms Cybersecurity Incident Behind Recent Outage

Conduent Confirms Cybersecurity Incident Behind Recent Outage

Bysupport

Conduent, a U.S. government contractor, confirmed that a recent outage affecting critical support services was due to a cybersecurity incident, causing disruptions for residents dependent on services like child support and food assistance. While the company stated that the incident was contained and systems have been restored, it did not clarify if any systems were compromised or if data was exfiltrated, raising concerns about security measures. The outage has significant implications, including potential delays in payment and uncertainty regarding data privacy. Stakeholders are urged to stay informed as the situation evolves.

MGM Resorts Reaches Settlement After Major Data Breach Exposes Millions of Customer Records

MGM Resorts Reaches Settlement After Major Data Breach Exposes Millions of Customer Records

Bysupport

MGM Resorts has agreed to a $45 million settlement to resolve class-action lawsuits related to two significant cyberattacks that compromised personal data of millions of customers. The settlement, noted in a court filing, awaits approval from a Las Vegas federal court, with a ruling expected on June 18. The breaches occurred in 2019 and 2023, affecting over 37 million customers. The settlement allocates about 30% for attorney fees, with class action participants potentially receiving up to $75 each. MGM aims to enhance security measures to prevent future incidents as concerns over data protection in the hospitality industry grow.

Leave a Reply

Your email address will not be published. Required fields are marked *