Marks & Spencer Data Breach: What Happened, Who’s Affected, and What to Do Next
If you’re searching for details about the recent Marks & Spencer data breach, you’re not alone. Millions of customers are asking: Was my data stolen? What kind of personal information was exposed? And—how do I protect myself now? The U.K. retail giant Marks & Spencer has officially confirmed that a cyberattack compromised sensitive customer information, including names, dates of birth, contact details, and online order histories. This breach highlights a growing wave of cyberattacks targeting major retailers, raising urgent concerns about data security, identity theft, and the financial impact of ransomware attacks.
Image Credits:Mike Egerton/PA Images / Getty ImagesWhat Information Was Stolen in the M&S Cyberattack?
In a statement released through the London Stock Exchange, Marks & Spencer revealed that an undisclosed amount of personal data was exfiltrated in the breach. According to a follow-up report from the BBC, the stolen data includes:
-
Full names
-
Dates of birth
-
Home and email addresses
-
Phone numbers
-
Household information
-
Online purchase history
To safeguard affected users, Marks & Spencer is resetting online account passwords as a precautionary measure.
Who Is Behind the Marks & Spencer Hack?
The cybercriminal group DragonForce, known for large-scale ransomware and extortion operations, has reportedly taken credit for this and other attacks on major U.K. retailers. In addition to M&S, high-profile retailers such as Harrods and the Co-op were also targeted in a similar timeframe. DragonForce claims to possess data from over 20 million Co-op members, underscoring the scale of this coordinated cybercrime campaign.
How Many Customers Were Impacted?
Marks & Spencer has yet to confirm the total number of individuals affected. However, their most recent annual report shows they had over 9.4 million online customers as of March 2024. While it’s unclear whether all users were impacted, the breach’s magnitude suggests that a significant portion of customer data may have been compromised.
Are M&S Operations Still Affected?
Yes. The cyberattack caused major disruptions across both physical and online operations. Customers have reported empty grocery shelves, and the retailer’s online ordering platform remains offline as the company works to restore functionality. These service outages add to customer frustration and highlight the broader operational risks posed by ransomware threats.
What You Should Do Now
If you’re an M&S customer—or even if you’ve only made purchases online in the past year—take these actions immediately to protect your financial and digital identity:
-
Change your passwords (especially if you reuse them on multiple sites).
-
Enable two-factor authentication on your M&S and other retail accounts.
-
Monitor your bank and credit card activity for any unusual charges.
-
Use identity theft protection services to safeguard against fraud.
-
Stay informed by following updates from M&S and cybersecurity authorities.
National Cybersecurity Response
The U.K. National Cyber Security Centre (NCSC) is actively investigating the attacks alongside law enforcement. They are working directly with the affected retailers to mitigate further risk and assess the scope of the breach. This coordinated response reflects the growing urgency of protecting consumer data amid a rise in high-impact cyberattacks.
The Marks & Spencer data breach is a stark reminder of how vulnerable personal data can be in today's digital economy. With identity theft, phishing scams, and financial fraud on the rise, it's more important than ever to take cybersecurity seriously. As high-stakes attacks like this continue to unfold, expect more scrutiny on data privacy, stricter security protocols, and growing demand for secure online shopping experiences.
Protect your data. Stay informed. And don’t wait until it’s too late to secure your digital footprint.
Post a Comment