British retail giant Marks & Spencer confirmed that hackers stole customer identity during a cyber attack last month.
In a brief statement with the London Stock Exchange on Tuesday, the retailer said an unspecified amount of customer information was obtained in the data breaches. The BBC, which first reported the company’s submission, cited an online letter from Marks & Spencer, stating that the stolen data includes customer name, birth date, home and email address, phone number, household information and online order history.
The company also said it has reset its online account passwords for its customers.
Marks & Spencer continues to experience disruption and halt across stores, with some grocery shelves remaining empty after the hack affected the company’s business. The company’s online ordering system for customers remains offline as well.
It is not clear how many personal data was stolen during the hack. When they reached TechCrunch, Marks & Spencer spokesman Alicia Sanctuary would not have said how many individuals were affected and introduced TechCrunch in an online statement. Marks & Spencer had 9.4 million online customers as of March 30, 2024, according to its latest annual report.
Media reports say the ransomware and terror gang, known as Dragonforce, has been praised for cyberattacks by several British retail giants, including Marks & Spencer.
The UK Retailer Cooperative and Harrods were targeted by hackers around the same time Marks & Spencer was hacked. The cooperative initially said there was no evidence that the data had been breached, but later said the hackers stole customer data. In an update to its website, the co-op said it had extracted its customer name, date of birth, home and email address and phone number.
The BBC reported last week that Dragonforce claimed that it had personal information on 20 million people who signed up for the Co-Op membership program, including current and former members.
Last week, the UK National Cybersecurity Centre said it is “working with victims and law enforcement colleagues” to get a better understanding of the hacking.