The chairman of Marks & Spencer has refrained from discussing details regarding a ransomware attack impacting the company, particularly concerning any potential ransom payment. Archie Norman emphasized the importance of law enforcement in these matters and clarified that no direct interactions occurred between company representatives and the cybercriminals identified as DragonForce. In May, Marks & Spencer confirmed that customer data was stolen, affecting names, addresses, and order histories, and causing significant operational disruptions. The company is actively engaged in recovery efforts, expected to continue into late autumn.
"We've said that we are not discussing any of the details of our interaction with the threat actor," said chairman Archie Norman, referring to the ransom payment. "We don't think it's in the public interest to go into that subject partly because it is a matter of law enforcement."
In May, Marks & Spencer disclosed that hackers had stolen an unspecified amount of customer data, including names, dates of birth, home and email addresses, phone numbers, household information, and online order histories.
Norman said that "nobody" at Marks & Spencer interacted directly with the cybercriminals, which he attributed to the ransomware gang DragonForce.
Norman told lawmakers that the company is still dealing with recovery efforts and will continue to do so until October or November.
Collection
[
|
...
]