हिंदी में पढ़ने के लिए मेनू बार से हिंदी भाषा चयन करें।
In a shocking development from the UK retail sector, Marks & Spencer (M&S) has suffered a major cyberattack, reportedly resulting in losses of around £300 million. The hacking group DragonForce Malaysia has claimed responsibility for the breach, which has exposed customer data and disrupted the company’s online operations.
About M&S
Marks & Spencer is one of the UK’s most trusted retail chains, with a legacy of over 100 years. It operates across clothing, food, and home products, with both physical stores and a strong online presence. M&S serves millions of customers each month, making it a prime target for cybercriminals.
What Happened?
According to sources, the hackers gained access to the company’s internal systems, causing severe disruptions to its website and backend operations. Online ordering was temporarily suspended, and several internal services faced outages.
The attack went unreported to the public initially, until M&S Chairman Archie Norman revealed it in a recent interview. He stated that not one but two separate cyberattacks took place in a short period, both causing significant damage.
Who is DragonForce?
DragonForce Malaysia is a hacker group known for cyberactivism and large-scale data breaches. In the past, they have attacked financial institutions, government databases, and retail networks. The group is believed to operate from Asia and often targets Western companies.
They claimed responsibility on dark web forums and even shared samples of stolen data, including customer contact details and transaction history. This has raised serious concerns over data privacy and cybersecurity among consumers and experts alike.
Financial Impact
The total estimated damage from the attack stands at around £300 million. This includes:
- Revenue loss due to the website being offline.
- Costs of investigating and fixing the breach.
- Reputation damage, which could affect future customer trust and sales.
- Potential regulatory fines if M&S is found negligent in protecting customer data.
Though no credit card or bank account numbers were leaked, email addresses, phone numbers, and purchase records were reportedly compromised.
Company Response
M&S acted swiftly once the breach was detected. The company:
- Shut down vulnerable systems
- Hired external cybersecurity experts
- Informed the UK’s National Cyber Security Centre (NCSC)
- Sent warning emails to affected customers, urging them to be cautious of phishing attacks.
Archie Norman stated that M&S has now increased its cybersecurity budget and is investing in new technologies to prevent future attacks.
Government Involvement
The NCSC has launched a formal investigation. Officials have hinted that foreign cyber groups may face diplomatic or legal action if found guilty. The UK government is also pushing for stronger data protection laws and corporate accountability.
Final Thoughts
This attack is a reminder that even the most established companies are not immune to cyber threats. As businesses grow more digital, data becomes the most valuable asset, and its protection must be a top priority.
For customers: Always be cautious of suspicious emails or calls.
For companies: Cybersecurity is no longer optional—it’s essential.
