Marks & Spencer (M&S) experienced a significant cyberattack that led to the temporary suspension of online orders and contactless payments. The company responded by restricting remote-working staff's access to internal IT systems, a common containment strategy to prevent further damage.
The attack caused a 4% drop in M&S's share price. The company's online clothing and home sales, amounting to £1.3 billion last year, were significantly impacted. M&S reported the incident to the Information Commissioner's Office and is collaborating with the National Cyber Security Centre.
Cybersecurity experts suggest the attack exhibits characteristics of a ransomware attack. The decision to disable the VPN is a standard procedure to contain the spread of the attack. The incident highlights the significant costs associated with such breaches, including financial losses, legal fees, and potential regulatory fines.
The article cites examples like Capita (£20-£25 million loss) and MGM Resorts ($100 million loss) to illustrate the substantial financial impact ransomware attacks can have on major companies.
Marks & Spencer has locked remote-working staff out of some of its IT systems to contain the fallout from a cyberattack that continues to cripple the retailer.
The chain has closed some of its programs that employees use to log into the internal IT systems when working away from the office.
Cybersecurity experts said the move to cut off its virtual private network (VPN) was most likely to stop the attack from spreading throughout M&S's IT infrastructure.
Sources close to the company said staff could still work from home, but that access to its internal systems had been scaled back while it dealt with the attack.
M&S, which has 65,000 staff, has suspended taking online orders and many of its shoppers were unable to use contactless payments for parts of last week. As of Saturday morning, customers were able only to browse rather than buy items on its website. Shoppers with click-and-collect orders have been advised to wait for a "ready to collect" email before venturing to a store.
The company's shares have fallen by 4 per cent since the attack, which it first acknowledged on Tuesday. The hit is potentially significant: last year, M&S generated £1.3 billion of sales from online orders in its clothing and home business, more than a third of its overall clothing and home revenues of £3.8 billion.
Kevin Beaumont, a cybersecurity researcher, said the attack "certainly has the hallmarks of ransomware". He added that switching off the VPN "is a usual first-stage containment step to cut off the threat actor".
A ransomware attack is a type of breach where cybercriminals steal data from a company and lock its IT systems, demanding payment in return for restoring access and not releasing the data. It is a popular extortion tactic among Russian hackers.
The US Cybersecurity and Infrastructure Security Agency advises companies that have been hit by a ransomware attack first to contain it, isolating affected IT systems by taking them offline so hackers cannot move laterally to other parts of the network. Companies are then advised to draft in experts to discover how a breach happened and to employ "white hat" hackers to help eradicate the ransomware and recover their systems.
The costs of a hack are significant for large companies, which in response often have to draft in large teams of lawyers, as well as technology firms. Payouts may also be on the cards if they lose customer or client data.
The IT outsourcing company Capita estimates that a ransomware breach in 2023 cost it between £20 million and £25 million, and that is before a potential fine from the data regulator, the Information Commissioner's Office. MGM Resorts, which runs casinos and hotels in Las Vegas, lost about $100 million after a hack in 2019.
While authorities advise companies against paying cybercriminals to restore their systems, many quietly end up doing so in cryptocurrency.
M&S has reported itself to the Information Commissioner's Office and is working with the National Cyber Security Centre to respond to the breach.