See every side of every news story
Published loading...Updated

Cyber attack on M&S involved 'sophisticated impersonation', chairman says

UNITED KINGDOM, JUL 08 – Marks & Spencer faced a six-week shutdown of online services and a £300 million profit loss after a ransomware attack by DragonForce and Scattered Spider hacker groups, chairman said.

  • On 8 July, Marks and Spencer disclosed that a complex impersonation scheme caused them to halt their online shopping services for close to seven weeks.
  • The initial breach occurred on 17 April via social engineering, where attackers impersonated an employee to reset a password through a third party.
  • The attack is believed to have been carried out by DragonForce, a mostly Russian-speaking ransomware group linked to Scattered Spider, which encrypted servers and stole data.
  • M&S anticipates the cyberattack will result in approximately £300 million in lost profits this year, but plans to offset around 50% of this through strategies such as cost control, insurance claims, and additional actions.
  • The company chose not to deal directly with hackers, shared details fully with authorities, declined to discuss ransom payments publicly, and remains in rebuild mode after a 'traumatic' ordeal.
Insights by Ground AI
Does this summary seem wrong?

33 Articles

All
Left
3
Center
10
Right
2
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 67% of the sources are Center
67% Center
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

Evening Standard broke the news in London, United Kingdom on Tuesday, July 8, 2025.
Sources are mostly out of (0)