Marks & Spencer hackers appear to protect ‘former Soviet states’ from attacks
Marks & Spencer hackers appear to protect ‘former Soviet states’ from attacks
DragonForce group also says it has targeted Co-op and Harrods in cybercrime spree
Hackers who bragged about crippling Marks & Spencer’s systems and breaching Co-op Group databases appeared to have vowed to protect “the former Soviet Union” from the technology used in the attacks.
The DragonForce cybercrime group appeared to use a dark web forum to issue a threat to “punish any violations” by fellow hackers planning to use its ransomware in Russia or the former Soviet states – the first indication of any allegiance.
The group, which licenses its ransomware to other hacking gangs for a fee, claimed responsibility for an attack that has left shelves at some branches of M&S bare and has forced the company to suspend online orders.
A separate attack on the Co-op led to a data breach and customer details being stolen, and the group has also been linked to an attempt to hack systems at Harrods.
“Any attack by our software on critical infrastructure, hospitals where critical patients, children, and the elderly are kept, or on the countries of the former Soviet Union, is a PROVOCATION by unscrupulous partners,” read a statement which claimed to be from the group, released at the end of last month.
“We, as regulators, are doing our best to counteract this, and we will punish any violations, as well as assist in solving the problems of the affected parties.”
U.K. retail giant Marks & Spencer has confirmed hackers stole its customers’ personal information during a cyberattack last month.
In a brief statement with London’s stock exchange on Tuesday, the retailer said an unspecified amount of customer information was taken in the data breach. The BBC, which first reported the company’s filing, cited a Marks & Spencer online letter as saying that the stolen data includes customer names, dates of birth, home and email addresses, phone numbers, household information and online order histories.
The company also said it was resetting the online account passwords of its customers.
Marks & Spencer continues to experience disruption and outages across its stores, with some grocery shelves remaining empty after the hack affected the company’s operations. The company’s online ordering system for customers also remains offline.
It’s not clear how many individuals’ data was stolen during the hack. When reached by TechCrunch, Marks & Spencer spokesperson Alicia Sanctuary would not say how many individuals are affected and referred TechCrunch to its online statement. Marks & Spencer had 9.4 million online customers as of 30 March 2024, per its most recent annual report.
Some Marks & Spencer (M&S) stores have been left with empty food shelves as the retailer continues to struggle with a cyber attack affecting its operations.
Online orders have been paused on the company's website and app since Friday, following problems with contactless pay and Click & collect over the Easter weekend.
The BBC understands food availability should be back to normal by the end of the week.
Meanwhile, security experts say a cyber crime group calling itself DragonForce is behind the mayhem.
The firm has stopped taking orders on its website and apps, including for food and clothes.
Marks & Spencer (M&S) says it has stopped taking online orders as the company struggles to recover from a cyber attack.
Customers began reporting problems last weekend, and on Tuesday the retailer confirmed it was facing a "cyber incident".
Now, M&S has entirely paused orders on its website and apps - including for food deliveries and clothes - and says it will refund orders placed by customers on Friday.
The firm's shares fell by 5% following the announcement, before recovering.
Online orders remained paused on Saturday morning.
"We are truly sorry for this inconvenience," the retailer wrote in a post on X.
"Our experienced team - supported by leading cyber experts - is working extremely hard to restart online and app shopping.
"We are incredibly grateful to our customers, colleagues and partners for their understanding and support."
