By Paul Sandle and James Davey
LONDON (newsinpo.site) -Marks & Spencer said hackers broke into its systems by tricking employees at a third-party contractor, skirting its digital defences to launch a cyberattack that will disrupt the British retailer for months.
Since revealing the breach on April 22, CEO Stuart Machin provided further information. He stated that every company faces such risks, and as a result, M&S has increased its technology expenditure threefold over the past three years to strengthen its defenses.
M&S has entered into an IT agreement with Tata Consultancy Services. A source close to the situation informed newsinpo.site that this arrangement serves as a pathway for them. When contacted, TCS chose not to provide comments.
Machin declined to comment on TCS specifically when asked if it was the weak link.
“Unable to get into our systems by breaking through our digital defences, the attackers did try another route resorting to social engineering and entering through a third party rather than a system weakness,” he told reporters.
“Once access was gained, they used highly sophisticated techniques as part of the attack.”
Machin declined to comment on any ransom demand, citing advice from government agencies and law enforcement.
M&S ceased online sales operations. They announced on Wednesday that full restoration of these services was not expected until July.
Machin said M&S became aware of the breach when it spotted suspicious activity during the Easter weekend of April 19-20.
He mentioned that the duration from when the hackers gained entry until they were detected was “brief.” According to experts who informed the firm, this period typically lasted around 10 days, whereas in certain instances, it extended over several months.
The National Crime Agency in Britain informed the BBC that their investigation into the attack centered around a group of young, English-speaking hackers.
M&S, with annual sales of almost £14 billion ($19 billion), promptly contacted specialists, collaborators, and regulatory bodies, according to Machin.
He mentioned that around 600 systems had been examined for damages, and these systems were slowly being restored to operational status.
($1 = 0.7459 pounds)
(Reporting by Paul Sandle and James Davey. Editing by Mark Potter)
