M&S customer data was stolen in last month’s cyberattack — how to stay safe
The company says customers don't need to take any action (for now)

In the Marks and Spencer (M&S) cyberattack that occurred last month on April 22, 2025, attackers used Scattered Spider social engineering tactics to breach the network, encrypted VMware ESXi virtual machines on the company’s servers and disrupted business operations for the retailer’s 1,400 stores so severely that the company had to stop accepting online orders.
Now, M&S has confirmed that customer data was also stolen in the cyberattack. Specifically: full names, email addresses, home addresses, phone numbers, dates of birth, online order history, household information, Sparks Pay reference numbers and “masked” payment card details.
BleepingComputer was the first to report that DragonForce ransomware affiliates were responsible for the attacks. Since the breach, M&S has been conducting an investigation, which revealed the theft of customer data and sensitive personal information.
Despite that, the M&S CEO has said, in a letter on the company’s Facebook page, that there is no need for customers to take any action. The letter also states there is no evidence that the stolen data has been shared, and there is no evidence that any usable card or payment details were taken. The company said it has written to customers to inform them of the details.
How to stay safe
While all customers with active M&S accounts will be prompted to reset their passwords the next time they attempt to log in using either the website or the app, it's always a good idea to reset a password after a data breach. You can also sign up for one of the best password managers to make sure your passwords are better protected and easy to change as well.
Also, an M&S spokesperson warned BleepingComputer that customers might receive emails, calls or texts claiming to be from M&S or asking for personal information like usernames and passwords. M&S customers should be particularly on guard against these types of phishing attempts and should never give out personal information to anyone claiming to be from the company.
For added protection, you should also check out some of the best identity theft services, which will help protect you against anything that could go wrong, like having your identity stolen or losing money to fraud after your data is stolen in a breach.









Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps.