Hackers violated M&S’s “IT system” through contractors and spent 52 hours plundering data before cyberattacks – now stores work 24 hours a day to resolve the crisis

Insiders revealed that the hackers did not find any of Marks and Spencer’s systems for up to 52 hours before finally discovering a devastating cyber attack.

It is said to be from a scattered spider group, allegedly used from a scattered spider group, which is allegedly utilizing contractors to access retailers’ advanced IT systems.

Now, three weeks later, the crisis continues to plague the staple food on British Avenue, with staff working up to 24 hours a day and continuing “sleepless nights” to fix it.

Speech eraSources said the fatal attacks subsequently resulted in a reduction of the company’s value on the stock exchange by £1 billion, which was caused by “human errors” and led to “huge mistakes”.

As hackers worked for more than two days, the crisis team struggled tirelessly throughout the five-day “attack phase” to protect the beloved British store, which often visits 9.4 million active customers.

Acknowledges that criminals are able to obtain the details of the “masked” payment card used for online purchases, usually the last four digits of the card, and other data that may be stolen may include name, email address, postal address, phone number, date of birth, online order, online order history and family information.

While it is not clear how many shoppers were affected by the attack, some customers have reported an increase in the number of scam messages and emails received, pretending to be M&S.

A source told the Times that the fatal attack caused the company to save £1 billion worth of the stock exchange, which was caused by “human errors” and led to “huge mistakes”. Picture: Stuart Macchin, CEO of M&S

Pictured: Empty shelves in the trademark and Spencer store in Paddington, London on April 29 due to stock issues caused by the attack. Since then, several clients have reported an increase in the number of scam messages and emails received

In a previous letter to clients, Jayne Wall, director of operations at M&S, urged people to be cautious and avoid providing any personal details to unknown callers.

“Unfortunately, the nature of the incident means that some personal customer data has been obtained, but there is no evidence that it has been shared.

‘Personal data may include contact information, date of birth and online order history. However, it is important that the data does not include available card or payment details and does not include any account passwords.

Ms Wall added: “You don’t need to do anything, but you may receive emails, phone calls or text messages claimed to be from M&S, so be cautious.

“Remember, we will never contact you and ask you to provide us with personal account information such as usernames, and we will never ask you to give us a password.”

Although customer data has not yet appeared on the leaked site, experts have not ruled out the possibility, and Sophos Intelligence Director Rafe Pilling stressed that hackers could “harness data” from vulnerabilities.

It is believed that the main British and American online hackers are British and American online hackers, who are responsible for the scattered spider groups due to the pattern of attacks, and their use of DragonForce software to help hackers break into the store’s systems.

Customer data has not appeared on the leaked website yet, but experts have not ruled out that it may be possible, while Sophos intelligence company Rafe Pilling stressed that hackers could “harness data” from violations

The devastating attack came as M&S awaited the May 21 annual results announcement. Pictured: Empty shelves on empty shelves after the attack

Dan Coatsworth, investment analyst at AJ Bell, warns that 2025’s history is becoming one of the worst years of all time

The devastating attack was because M&S awaits the annual financial results announcement on May 21.

M&S CEO Stuart Machin, along with Chairman Archie Norman, is away from the world where it made £840 million profit in the last fiscal year, where it made £840 million profit.

Indeed, Dan Coatsworth, investment analyst at AJ Bell, warned that 2025 is “being one of the worst years in history”.

“M&S has the responsibility to notify customers as soon as possible when illegally accessing their personal information, so it is worried that it took a long time for retailers to make it public.”

M&S shareholder Danny Wallace told the Times he was “disappointed” with the two businessmen, but he accepted that “someone must be blamed.”

Meanwhile, Alan Woodward, a professor of cybersecurity at the University of Surrey, said he believes the store still fails to resume its online sales because customers have been unable to accept any orders through the website or app since April 25, “which suggests that their preparations are a bit worse than they might have been.

The Information Commissioner’s Office said on May 2 that it is also studying the attacks, as well as similar major events involving M&S competitors, the Co-operative

While stock is expected to return to the store this weekend, it is understood that it quickly plugged its computer system into the company shortly after receiving M&S’s advice.

Retail expert Richard Hyman described the attack as an “embarrassing retail expert, who believed that the retailer, which first opened in 1884, would undoubtedly “survive” the financial impact of the attack, as well as any damage to its reputation.

The Information Commissioner’s Office said on May 2 that it is also studying the attacks, as well as similar major incidents involving M&S competitors’ cooperatives.

After hackers accessed and extracted members’ personal data (such as names and contact information), the business was forced to apologize to customers and continued to suffer from availability issues due to the attack.

While stock is expected to return to partner stores this weekend, it is understood that it quickly pulled the plug of its computer system away shortly after receiving the M&S advice.

“We are working closely with law enforcement partners to investigate. We are considering incidents separately. However, we are paying attention to them that may be linked, so this will continue to be reviewed.”