The Marks & Spencer chain of stores has been hit by a cyberattack that has leaked customer data, AFP reported on Tuesday, citing a statement from the company. Customers are unable to shop online or pay by contactless payment.
“Due to the sophisticated nature of the incident, some personal data (of customers) was stolen,” the British company said in a statement. However, it stressed that no transaction data was stolen because the company does not save it on its servers.
Marks & Spencer has notified customers affected by the cyberattack, but has not said how serious the incident is. It said customers do not need to take any action other than changing their password. “There is no indication that (stolen) data has been shared further,” the company added.
The cyberattack took place on April 25, but its effects are still being felt. Marks & Spencer is not the only company to fall victim to it. British multi-sector consumer cooperative Co-op and luxury department store Harrods have also had serious problems with their websites.
The BBC reported that a hacking group operating under the name of DragonForce has claimed responsibility for the attack on Marks & Spencer, Co-op and Harrods. The alleged perpetrators have vowed to repeat the attacks. After blocking the companies' computer systems, the hackers are demanding a ransom to unblock them.
Marks & Spencer has closed its brick-and-mortar stores in Poland after serious financial problems, but is still active online, where it has an offer for Polish customers. (PAP)
awm/ ap/
