Veteran uk retailer Marks & Spencer (M & s) have apologized to customers after a cyber increasent of a Currently undiscLosed natural forced multiple public-facing services offline, with shoppers predictably Taking Taking Taking Taking Taking Taking Taking Taking Taking Taking Taking Taking Taking Taking Taking Taking Taking Taking Taking Taking Droves to Laurement The outages.
In a note published on the after 22 April, the company Reveled It Had Been “Managing a Cyber Incident” Affecting Contactless Payments and Online Click-COLICK-COLICK-COLCK-COLCT SIRVICES Over the Easper Bank Holiday.
According to reports, a Second Technical Problem Occurred at the Weekend affecting only contactless payments,
“As soon as we become aware of the insurance, it was negamentary to make some minor, temporary changes to our stores to protect current and the business and we are so sorry for any inconvenience Experienced, “A spekesperson said.
“Importantly, our stores remain open and our website and app are operating as normal.
“Customer Trust is incrededibly Important to us, and if the situation changes an update will be provided as approveded as approves,” They added.
M & s additionally said it has enlisted Third-Parthy Cyber Forensics to Assist With Incident Management, and is Taking Further Actions to Protect its network and ensure it can contenta to maintenue to maintenue to maintain Services.
Computer weekly also also undress the cyber attack has been reported to the information commissioner's office (ICO) and the National Cyber Security Center (NCSC).
“The incident at marks & spencer services as a reminder of the interdependencies in modern retail operations. Issue Can have-Reaching Consequences Across an entreenization, “said Javvad Malik, Lead Security Awareness Advocate at Knowbe4,
“M & S's Prompt Communication and Engagement with the ICO Demonstrate a Commented Level of Transparency and Regulatory Compliance. Management strategies. “
Although Unconfirmed at this stage, the nature of the attack's impact, and the language deployed by m & s, sugges that the retailer may be dealing with the impact of a ransomware Attack on certain systems.
Retailers are vulnerable
But regardless of the precise nature of the incident, it is by no means an islated one, with retailers frequent in the crosseshairs of Threat actors.
For example, retailers have high public brand awareness upon which cyber criminals like to capitalise for their own fame and notoriety.
Added to this, Cyber Criminals Can Use The Seasonal Nature of the Retail Sector to ramp up pressure on the Victim by disruptting their business at a critical point and making them more like to getly to extracts – the timing of the M & s Incident over the long easy weekend may bear this out.
Meanwhile, the growth of omnichannel approaches to retail increases
According to NCC GroupThe Consumer Cyclics (Non-SESINIL Purchases) and Non-Cyclics (Essential Purchases) sector, which both encompass retailers in general, was the second and Fifth Most Targeted VRETICALS by Cyber Criminal Ransomware Gangs in the First Half of 2024.
“There is an urgent need for all sectors to respond to this increase targeting from threat actors, but especially these storing huge amounts of data,” Said Matt Hull, “Said Matt Hull, Global Head of Threat Inteligence At NCC Group.
“Now more than ever businesses should expect to be a target for cyber criminals and take a proactive approach to security rather rather rather than waiting for potential threats to strike.”