Unlock stock picks and a broker-level newsfeed that powers Wall Street.

The Telegraph
M&S calls in Scotland Yard to investigate devastating cyber attack
Hannah Boland
2 min read

In This Article:

Empty shelves in Marks & Spencer's food stores
The disruption has led to empty shelves in Marks & Spencer’s food stores - Holly Williams/PA

The Metropolitan Police have been called in to investigate the crippling cyber attack at Marks & Spencer, which has left the retailer unable to accept online orders for a sixth day.

The retail giant has called in the Met’s cyber crime unit as it scrambles to bring systems back online following a ransomware attack.

It emerged this week that a cyber gang known as Scattered Spider – a disparate group of cyber criminals thought to include British and American teenagers – could have been involved in the breach.

M&S is now working with cyber security experts from CrowdStrike, GCHQ’s National Cyber Security Centre, the Met Police and the National Crime Agency as it battles to deal with the IT issues.

The Met Police said inquiries continued to take place, but added that no arrests had been made so far. It has been working with M&S since last Wednesday. Their involvement was first reported by the Daily Mail.

The cyber attack on M&S has now been going on for almost a fortnight. The retailer was initially hit by issues with contactless payments and click-and-collect orders over the Easter weekend. While contactless payments have since been restored, M&S was forced to pull online orders on Friday and click-and-collect orders are still subject to delays.

The disruption has led to empty shelves in food branches, with M&S admitting to “pockets of limited availability in some stores”.

The chaos has wiped hundreds of millions of pounds from M&S’s market value as investors scramble to work out how costly the attack will be.

The Telegraph revealed last week that the cyber incident was a ransomware attack.

In such attacks, a criminal gang infiltrates a victim’s IT infrastructure, uses a computer virus to encrypt their files and computers, and then demands a ransom as payment for unlocking them. They may also threaten to release stolen information on the dark web.

Investigators believe the attackers used a hacking tool from a group known as DragonForce, which bills itself as a “ransomware cartel”.

DragonForce typically sells its technology to other hacking groups, making it more difficult to attribute blame. However, investigators are pursuing a theory that cyber gang Scattered Spider might be involved.

Last night, British teenagers were linked to the online gang, which is best described as a loose online collective of English-speaking young men.

Cyber experts said the fact attackers may have British and American origins may mean they are “within reach of law enforcement”.

M&S declined to comment.

Terms and Privacy Policy
Your Privacy Choices
Utah Privacy Notice
More Info

Recommended Stories