Marks & Spencer sent a major update after the cyber attack, which paralyzed the high street giant – paying over £1 billion.
The retailer was delayed by a devastating hacker and today warned that contact details and the date of birth of some customers had been stolen.
M&S said other personal details were also stolen by online scammers, including the customer’s order history.
However, retailers’ owners insist that there is no data related to shopper payments or card details or account passwords.
It is not clear how many shoppers are affected by the data breach.
M&S CEO Stuart Machin said the company is writing to customers to inform them that “unfortunately, some personal customer information has been obtained.”
“It is important that there is no evidence that this information has been shared,” he said, adding: “Everyone at M&S works around the clock to get things back to normal as soon as possible and we are very sorry for any inconvenience they have experienced.”
The hack has the potential to cause confusion in Marks & Spencer, which means it cannot handle online orders. The retailer is now warning some customers that personal details have been stolen
Pictured is a complete letter from M&S CEO Stuart Machin, outlining the data breach
British teenagers are linked to the infamous scattered spider hacker group responsible for cyber attacks, which continues to paralyze Max and Spencer’s attacks
It is believed that M&S may take “months” to recover from hackers, which has removed the retailer’s market value by a staggering £1 billion from the retailer’s market value.
M&S shares fell by another 4.7% – meaning high street retailers have been valued more than 12% since Easter hacking, or £10.5 billion.
This puts M&S’ market cap at £7.4 billion.
The latest downturn in the stock price comes as Deutsche Bank analysts estimate the crisis lost £15 million a week, totaling £30 million so far.
Scottish yard detectives are exploring the devastating collapse of M&S, which is believed to be the work of teenage hackers.
The gang also admitted to subsequent attacks on the co-op and said “personal data such as name and contact information” were obtained from its membership program.
Last week, cybercrime group Dragonforce claimed responsibility for the ongoing crisis, which led retail giants to suspend their clicks and collect services.
Dragonforce said their job was not to “destroy” but to “just take some money and go away”, with more than 90 victims last year and targeting companies in various industries.
But now, after the group appears to use the Dark Web Forum to threaten to “punish other hackers’ violations”, new motives and loyalty have been revealed, other plans to use its ransomware in Russia or the former Soviet state.
M&S faces stock issues after cyberattacks, which makes many of their shelves empty
More bare refrigerator shelves in M&S supermarket after cyber attacks paralyzed the chain
A statement claimed to be from the group, released late last month, read: “Any attack on critical infrastructure by our software, patients, children and elderly people being retained, or hospitals in the former Soviet Union countries are provocative [sic] By immoral companion.
It added: “As regulators, we are doing our best to offset this, we will punish any violations and assist in resolving issues with affected parties.”
Recent attacks have also been linked to spiders scattered by the infamous English-speaking teenage hackers.
The collective of cyber scammers is composed of about 1,000 teenagers and young people in the UK and the US and has been blamed for cyber attacks on other major companies.
The scattered spiders use hacking tools developed by Russian groups associated with Blackcat and Alphv, which may indicate that business partnerships between the group can share ransom payments.
However, investigators believe that the attacker used Dragonforce’s hacking tool in this case, which treats itself as a “ransomware cartel” to perform the violation.
The gang has previously been linked to major hackers from incapacitated casino giant MGM Resorts International and Caesers Entertainment.
Since April 25, M&S has been unable to receive any orders through its website or app as it tries to resolve the issue.
The incident first brought problems for contactless payments from retailers and clicked and collected orders, while also affecting some of the supply in the store.
“You don’t need to do anything, but you may receive emails, phone calls or text messages when claiming to be from M&S, so be sure to be cautious.
Pictured shows that after an email received by a ME&S customer, online scammers received personal details from some shoppers at retailers last month.
“Remember, we will never contact you and ask you to provide us with personal account information such as usernames, and we will never ask you to give us a password.”
Tyler Buchanan, the allegedly scattered spider leader, was arrested in Spain last summer, travelled from London to Barcelona and then to Palma de Mallorca.
The 23-year-old from Dundee, Scotland is about to fly to Naples when he was caught by police at the airport and is found controlling a cryptocurrency wallet, totaling more than $26 million (£20 million) in bitcoin.
Buchanan was subsequently extradited to the United States on April 23 on charges of conspiracy to commit wire fraud, conspiracy, wire fraud and aggravated identity theft.
The hacking team is said to target employees of companies across the United States and use harvested employee certificates to log in and steal data and information from non-public companies, and steal virtual currency accounts to steal millions of dollars in cryptocurrency.
Tyler Buchanan was extradited to the United States facing charges related to his role in the scattered spider, in 2016 for
Buchanan is suspected of being subjected to a rival cybercrime cartel after Spanish police fled to Mallorca
Buchanan was considered a flight risk and was released on bail when he appeared in California.
Last week, Buchanan allegedly made a run after his mother landed at her home in Dundee, Scotland.
The scam reportedly equipped the ignited blowtorch and asked his crypto account to provide a password.
Neighbors say they have not seen him since raiding at his home in February 2023.
They told the Sun that a car appeared, four to five men “stacked” and then entered the house and threatened to burn Buchanan if he refused to provide them with information.
According to reports about the encrypted messaging app Telegram, which was frequently seen by Buchanan under the username “Tylerb”, a rival network gang hired the men to hack his home.
The same claims claim that his mother was beaten by the invaders.
