The Company That May Have Been The Gateway To £300m M&s Hack

The cyber attack on Marks and Spencer which has cost the firm around £300m may have been launched via a high profile IT consultancy firm.

Indian company Tata Consultancy Services (TCS), which provides IT services to M&S, is reported to be undertaking an internal investigation to establish whether it was the gateway for the hack which brought the high street giant to its knees, it has been reported.

Part of the Tata Group, TCS has 607,000 employees working across 55 countries, has a portfolio of well known clients including M&s and Coop and was the sponsor of last month’s London Marathon.

M&S chief executive Stuart Machin said earlier this week the damaging cyber attack was caused by “human error”.

He said: “We didn’t leave the door open, this wasn’t anything to do with under-investment. Everyone is vulnerable.

“For us, we were unlucky on this particular day through some human error.”

Now it has emerged that error may have come via a third party.

The Financial Times has reported that Tata Consultancy Services is internally investigating whether it was the gateway for a cyber attack against the store.

The newspaper said a person with knowledge of the matter had stated that TCS had been investigating the matter in tandem with M&S and hopes to conclude the inquiry by the end of the month.

Tata Consultancy Services have been approached by The i Paper for comment.

An M&S spokesperson told The i Paper: “We are not commenting on specifics of the cyber incident and we’ve been advised not to.”

The cyber attack on M&S took place over the Easter weekend, leaving shelves empty and preventing it from taking online orders.

It is understood the strike by hackers may have gone undetected for up to 52 hours.

A cyber gang, thought to be the Scattered Spider group, are reported by The Times to penetrated the high street giant’s online defences through a contractor before stealing customers’ personal data.

On Wednesday the firm said online sales and profits in its fashion, home and beauty business have been “heavily impacted” and disruption to online operations is set “to continue throughout June and into July as we restart, then ramp up operations”

It said the incident is likely to drag its group operating profits down by around £300m this year but it expects this to be reduced through cost management, insurance and other reactions.

Mr Machin said 85 per cent of its online operations are expected to be restored soon, as the company focuses on certain parts of its operations first.

But the high street retailer admitted customer personal data had been stolen in the cyber attack.

M&S said: “As we continue to manage the current cyber incident, we have written to customers to let them know that unfortunately the nature of the incident means some personal customer data has been taken.”

But it added there was “no evidence that this data has been shared and it does not include useable card or payment details, or account passwords, so there is no need for customers to take any action”.

M&S was one of three big retail names to be targeted in recent weeks along with Coop and Harrods.

The National Crime Agency (NCA) has confirmed the cyber criminal collective Scattered Spider is a key focus for its investigation.

Paul Foster, head of the NCA’s national cyber-crime unit, told the BBC: “We are looking at the group that is publicly known as Scattered Spider, but we’ve got a range of different hypotheses and we’ll follow the evidence to get to the offenders.

“in light of all the damage that we’re seeing, catching whoever is behind these attacks is our top priority.”