Write an article about
[LONDON] Britain’s Marks & Spencer (M&S) entered a second week unable to take online orders on Friday (May 2) following a major cyberattack, while food retailer the Co-op Group said hackers had stolen customer data.
Some £700 million (S$1.2 billion) has been wiped off the stock market value of M&S since the hack was revealed last week, and news that the Co-op and London department store Harrods have also faced incidents in recent days was described as a “wake up call” by the government’s National Cyber Security Centre (NCSC).
British companies, public bodies and institutions have been hit by a wave of cyberattacks in recent years, costing them tens of millions of pounds and often months of disruption.
The 141-year-old M&S, one of the best known names in British business, stopped taking clothing and home orders through its website and app on Apr 25 following problems with contactless pay and click-and-collect services over the Easter holiday weekend.
The Co-op first revealed a cyberattack on Wednesday but said on Friday that information relating to a significant number of its current and past members, including personal data such as names, contact details and dates of birth had been taken.
Ciaran Martin, former chief executive of NCSC, told Reuters that so far there were no signs that the attacks on M&S, the Co-op and Harrods were linked, with the latter two possibly discovered as a result of increased vigilance following the M&S incident.
BT in your inbox
Start and end each day with the latest news stories and analyses delivered straight to your inbox.
“If this can happen to M&S, it can happen to anybody,” he said, noting that after such a serious attack there was nothing unusual about the length of the recovery period.
On Friday, M&S CEO Stuart Machin again apologised to shoppers, without saying when online ordering would resume.
“We are working day and night to manage the current cyber incident and get things back to normal for you as quickly as possible,” he said in an email sent to M&S customers.
With M&S, which has about 1,000 stores across Britain, making around one-third of its clothing and home sales online, analysts said a short-term profit hit is inevitable.
M&S declined to quantify the financial impact, which is growing by the day as it misses out on sales of new season ranges with the UK basking in record May temperatures.
Commuters were locked out of their accounts for almost three months last year after a cyberattack at London transport operator TfL, while a cyberattack on a blood test processing company in London also last year disrupted services for more than three months.
Availability of some food products has also been affected in some M&S stores, while the disruption may be having a broader impact on the business, which has pulled job postings on its website.
Shares in M&S closed down 1 per cent, extending losses since Easter to about 9 per cent.
Helen Dickinson, CEO of trade body British Retail Consortium, said cyberattacks were becoming “increasingly sophisticated”, forcing retailers to spend hundreds of millions of pounds every year on defences.
“All retailers are continually reviewing their systems to ensure they are as secure as possible,” she said.
Technology specialist site BleepingComputer, citing multiple sources, said a ransomware attack that encrypted M&S’s servers was believed to have been conducted by a hacking collective known as “Scattered Spider”.
NCSC is working with the affected retailers, while the Metropolitan Police’s Cyber Crime Unit and the National Crime Agency are investigating the M&S attack.
“These incidents should act as a wake-up call to all organisations,” said NCSC head Richard Horne.
Labour lawmaker Matt Western, chair of parliament’s Joint Committee on the National Security Strategy, said the government should do more to prevent major cyberattacks.
“As the government concludes its consultation on proposals to counter ransomware, I hope its response treats these threats with the seriousness they clearly deserve.” REUTERS
in html format .Organize the content with appropriate headings and subheadings ( h2, h3, h4, h5, h6). Include conclusion section and FAQs section with Proper questions and answers at the end. do not include the title. it must return only article i dont want any extra information or introductory text with article e.g: ” Here is rewritten article:” or “Here is the rewritten content:”
