Marks and Spencer says customers' information stolen in cyber attack
You will be prompted to reset your password
People seen near Marks & Spencer
Retail giant Marks & Spencer has revealed that customer personal data has been taken by hackers after being hit by a damaging cyber attack. Chief executive Stuart Machin said the data had been accessed due to the 'sophisticated nature of the incident' but stressed that this does not include payment or card details, or account passwords.
In a social media post, Mr Machin said there is 'no need for customers to take any action'.
'To give customers extra peace of mind, they will be prompted to reset their password the next time they visit or log on to their M&S account and we have shared information on how to stay safe online,' he said. The number of 'nationally significant' cyber attacks in the last eight months has doubled on the same period a year ago, a security chief has warned.
Richard Horne, chief executive of the National Cyber Security Centre, said that the agency had dealt with 200 incidents since September 2024, including twice as many causing widespread disruption as the same period last year. Speaking at the CyberUK conference in Manchester, Mr Horne warned that adversaries were 'probing for weaknesses' and operating daily in a grey area 'between peace and war' to pursue geopolitical goals.
Russia will continue to target Ukraine and supporting countries with digital espionage in order to gain strategic ground in ceasefire negotiations, he said, while the UK faces further threats from Iran, China and North Korea. The intervention comes after a wave of cyber attacks on high-profile British retailers including Harrods, Marks and Spencer and the Co-op Group in recent weeks.
In a speech to business chiefs and tech experts, Mr Horne said: 'In just the last few weeks, we have seen the very real impacts that cyber attacks can have and the kind of disruption they can cause for both businesses and individuals alike.
Article continues below
'The threat picture is diverse and dramatic – at the NCSC we've managed more than 200 incidents since September last year. This includes twice as many nationally significant incidents as the same period a year ago.'
Mr Horne said that behind the attacks were 'our adversaries', warning that 'hostile nation states have weaponised their cyber capabilities.'
'While they might not be using them in pursuit or support of direct conflict, some are operating daily in the grey zone, that murky space between peace and war where states and non-state actors engage in competitive activity.'
While Beijing remains the 'pacing threat' in the cyber realm with the Chinese Communist Party's 'vast ecosystem' of legislation and data, Moscow has been using criminal proxies to focus on acts of sabotage, he said.
'With our partners in MI5, including the National Protective Security Authority, we see a direct connection between Russian cyber attacks and physical threats to our security,' Mr Horne warned.
'These threats are manifesting on the streets of the UK against our industries and our businesses, putting lives, critical services and national security at risk.
'And so the role of our community is therefore not just about protecting systems, it's about protecting our people, our economy, our society from harm.'
He added: 'Today, I can say for the first time, based on our assessments, that as we move closer to the possibility of a ceasefire in the Ukraine conflict it is almost certain that Russia will continue its wider cyber espionage activity against Ukraine and supporting countries to gain strategic advantage in its negotiation strategy.'
Meanwhile, UK firms are being targeted by IT workers in the North Korean system to raise revenue for the country's regime and Britain also faces a heightened threat of espionage from Iran, he said. Mr Horne said the NCSC, which is a part of the UK's GCHQ spy agency, is able to gather intelligence about what adversaries are doing and an act on it at pace to disrupt hostile activity.
But he said cybersecurity must be something that 'we all need to do together' to 'ensure our collective success'.
'We cannot control everything, but we must control the things that we can and be prepared for the things we can't,' Mr Horne said.
Meanwhile, Chancellor of the Duchy of Lancaster Pat McFadden warned that Government systems are not 'bombproof' and remain in need of modernisation.
Speaking at the conference, the senior Cabinet minister said: 'I can't stand here this morning and tell you that the Government systems are bombproof. This is not the case. 'We have new systems built on top of legacy systems and we are doing everything in our power to modernise the state and to upgrade these core systems but the Government and the country as a whole has to take this seriously if we are going to do it securely in the future.'
Mr McFadden said the cyber attacks in recent weeks should be a 'wake-up call' for British businesses as he announces a £16 million package to boost defence at home and abroad.
The Government has unveiled measures aimed at reinforcing systems against attack, including driving investment into CHERI, a 'magic chip' that builds advanced memory protections in microprocessors.
Some £4.5 million will be spent helping firms bring the technology, which can block up to 70% of common cyber attacks, to market, the Cabinet Office said.
A new software security code of practice will also be published on Wednesday, outlining essential steps the Government believes every organisation developing or selling software should be taking to secure their products.
An extra £7 million for Britain's Laboratory for AI Security Research will be confirmed, along with investment of £8 million in Ukrainian cyber defences and more than £1 million to 'protect Moldovan elections'.
Article continues below
Mr McFadden said cyber would also be a prime target for economic growth in the Government's upcoming industrial strategy.
'There is enormous potential for cyber security to be a driving force in our economy – creating jobs, growth and opportunities for people. It's already a sector on the up – with over 2,000 businesses across the UK,' he said.
'It is going to be a significant commitment, a vote of confidence in your sector, and one that will tell the world: the UK plans to be a global player in cybersecurity for decades to come.'
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Rhyl Journal
3 hours ago
- Rhyl Journal
British man convicted of trying to spy for Russian intelligence service
Howard Phillips, 65, from Harlow, Essex, intended to help two apparent Russian agents called 'Sasha' and 'Dima', including by passing on personal information about former defence secretary Sir Grant Shapps, helping with travel logistics and booking hotels. But 'Dima' and 'Sasha' were in fact undercover British intelligence officers, Winchester Crown Court previously heard. A jury found Phillips guilty of assisting a foreign intelligence service under the National Security Act on Tuesday, following a two-week trial at the same court. The jury reached a unanimous verdict after four hours and four minutes of deliberations. Phillips, wearing a dark suit and tie, silently shook his head in the dock as the verdict was given. Prosecutors said Phillips intended to assist Russian agents from the end of 2023 until May last year. Phillips offered to pass on Sir Grant's contact details as well as the location where he kept his private plane in order to 'facilitate the Russians in listening on British defence plans', the trial heard. He was heard telling the men he wanted to work for Russia in exchange for financial independence from the UK. The defendant's ex-wife, Amanda Phillips, told the court during the trial that he 'would dream about being like James Bond', and that he watched films to do with MI5 and MI6 as he was 'infatuated with it'. Mrs Phillips told the court she was aware the defendant had applied for a job at the UK Border Force in October 2023, which prosecutors said was part of his bid to assist Russia's intelligence service. Phillips previously claimed he had contacted the Russian embassy in early 2024 in a bid to track and expose Russian agents to assist Israel. He told jurors he ascertained 'from the onset' that 'Dima' and 'Shasha' were 'definitely not Russian' and were undercover individuals, but that he carried on 'playing a role' around these agents in order to 'test the waters'. Mrs Justice Cheema-Grubb remanded Phillips in custody and adjourned sentencing to the 'earliest available date' in the autumn. The judge said she wanted a full pre-sentence report on the defendant ahead of sentencing as the conviction was for a 'relatively new' offence. Addressing the jurors, she said: 'Thank you very much for the important work that you have done on this very important case. 'We are trying, as a system, to get to the right answers in these situations.' Officers from the Metropolitan Police's Counter Terrorism Command arrested Phillips in central London on May 16 last year, after he travelled to the capital for a meeting with the two apparent Russian agents. Detective Chief Superintendent Helen Flanagan said: 'Phillips was unemployed and his primary motivation for wanting to become a spy for the Russian Intelligence Service was financial reward. 'His conviction should act as stark warning to anyone who thinks that carrying out illegal activity on behalf of a foreign state is an attractive or easy way to earn money. 'The reality is that we take this kind of activity extremely seriously. 'Those involved will be identified, investigated and, like Phillips, will face extremely serious consequences when they are convicted. 'This case is also another successful use of the National Security Act to prosecute someone who was attempting to undermine the security of the UK and we will continue to use these powers available to us to help keep the public safe.' Bethan David, head of the Crown Prosecution Service's counter terrorism division, said: 'This conviction sends a clear message to anyone considering spying for or assisting Russia. 'Howard Phillips clearly outlined the services he was willing to provide for a hostile state. From gaining employment within the civil service and applying for security clearance, to providing the personal details of the Secretary of State for Defence – Phillips was brazen in his pursuit for financial gain and unbothered about the potential detriment to his own country. 'It is a criminal offence to assist a foreign intelligence service, regardless of your motive or whether or not you succeed. 'We will always seek to prosecute anyone who poses a threat to the UK.'
South Wales Guardian
3 hours ago
- South Wales Guardian
Hewlett-Packard lost hundreds of millions in Autonomy acquisition, judge rules
The technology firm, now known as Hewlett-Packard Enterprise (HPE), sued the British entrepreneur for around five billion US dollars following its purchase of Cambridge-based Autonomy for 11.1 billion dollars (£8.2 billion) in 2011. The company claimed at a nine-month trial in 2019 that Mr Lynch inflated Autonomy's revenues and 'committed a deliberate fraud over a sustained period of time', which it said forced it to announce an 8.8 billion dollar (£6.5 billion) write-down of the firm's worth just over a year after the acquisition. In a ruling in 2022, Mr Justice Hildyard said the American firm had 'substantially succeeded' in their claim, but that it was likely to receive 'substantially less' than the amount it claimed in damages. He said that Autonomy had not accurately portrayed its financial position during the purchase, but even if it had, HPE would still have bought the company, but at a reduced price. A hearing was then held last year to decide the amount that Mr Lynch must pay in damages, before the businessman died aged 59 along with his 18-year-old daughter, Hannah, and five others when his yacht, the Bayesian, sank off the coast of Sicily last August. On Tuesday, Mr Justice Hildyard ruled that HPE suffered losses amounting to £697,876,753 through the purchasing of Autonomy, some of which is set to be paid by Mr Lynch's estate. He also ruled that Mr Lynch's estate is liable to pay part of around 47.5 million dollars in damages, which is worth around £35 million. Some of the money is due to be paid by Sushovan Hussain, Autonomy's former chief financial officer, who was also sued by HPE. He was convicted in April 2018 in the US of wire fraud and other crimes related to Autonomy's sale, and was sentenced to five years in prison. While he has since settled HPE's claim, he could still be required to pay damages. A further hearing to deal with matters including interest, currency conversion and whether Mr Lynch's estate can appeal against the decision is set to be held in November. Handing down his ruling, Mr Justice Hildyard expressed his 'great sympathy' for Mr Lynch's family, calling his death a 'tragedy'. He said: 'It is a source of anxiety to me that I have to deliver a judgment that will inevitably cause further stress on those involved.' In the 197-page ruling, he said he considered that HPE's claim 'was always substantially exaggerated' and that the five billion dollars figure claimed 'was not based on detailed analysis'. Following the ruling in 2022, Mr Lynch, who was also the founding investor of cybersecurity giant Darktrace, was extradited to the US in May 2023 to face criminal charges after his removal was approved by the then-Home Secretary Priti Patel. He was cleared of accusations that he orchestrated a fraud and conspiracy over Autonomy's sale in the US in June 2024, and was celebrating the acquittal on his yacht at the time of his death. In a statement written before his death, issued posthumously by his representatives on Tuesday, Mr Lynch said: 'Today's High Court ruling reflects that HP's original five billion dollar damages claim was not just a wild overstatement – misleading shareholders – but it was off the mark by 80%. 'HP acquired Autonomy for 11.6 billion dollars and today's judgment is a view that Autonomy's actual value was not even 10% below the price HP paid. 'This result exposes HP's failure and makes clear that the immense damage to Autonomy was down to HP's own errors and actions. 'An appeal process will be considered later this year. 'The English civil case included hearsay evidence from the US and we were never able to question or cross-examine those witnesses. 'This is in direct contrast to the rights of defendants in the US legal system. 'When in the US criminal trial we were able to cross-examine the relevant witnesses, a very different story emerged. Why is the English legal system so trusting?' A spokesperson for HPE said: 'We are pleased that this decision brings us a step closer to the resolution of this dispute. 'We look forward to the further hearing at which the final amount of HPE's damages will be determined.' Jeremy Sandelson, who was appointed by the court as administrator of Mr Lynch's estate, said he would be 'examining the judgment carefully', including whether to appeal both the 2022 ruling and the judgment on Tuesday.
NBC News
4 hours ago
- NBC News
Obama pushes back on Trump's 'outrageous' and 'bizarre' treason claim
Former President Barack Obama's office issued a rare rebuke of President Donald Trump on Tuesday after the president accused his predecessor of having committed "treason" and rigging the 2016 and 2020 elections. "Out of respect for the office of the presidency, our office does not normally dignify the constant nonsense and misinformation flowing out of this White House with a response," Obama spokesperson Patrick Rodenbush said. "But these claims are outrageous enough to merit one. These bizarre allegations are ridiculous and a weak attempt at distraction." When reporters on Tuesday asked Trump about the late convicted sex offender Jeffrey Epstein, he pivoted to what he called Obama's "criminality." 'After what they did to me — and whether it's right or wrong, it's time to go after people. Obama's been caught directly,' Trump told reporters. 'What they did in 2016 and 2020 is very criminal. It's criminal at the highest level. So that's really the things you should be talking about.' 'Look, he's guilty. It's not a question,' Trump added. 'This was treason. This was every word you can think of. They tried to steal the election. They tried to obfuscate the election.' Trump was referring to claims made by National Intelligence Director Tulsi Gabbard and CIA Director John Ratcliffe in social media posts and television appearances that they had found Obama administration officials manipulated intelligence and conspired to undermine the legitimacy of Trump's electoral victory in 2016. Gabbard posted on social media on Friday that she was making a criminal referral to the Justice Department. Rodenbush said the Trump administration is being misleading about the information it's using to push its claims. "Nothing in the document issued last week undercuts the widely accepted conclusion that Russia worked to influence the 2016 presidential election but did not successfully manipulate any votes. These findings were affirmed in a 2020 report by the bipartisan Senate Intelligence Committee, led by then-Chairman Marco Rubio," Rodenbush said. Asked to comment on Obama's statement, White House spokesperson Davis Ingle said, "The White House is appreciative of Director Gabbard's commitment to transparency and effort to end the weaponization of government against American citizens.' Gabbard alleges the documents show that Russia did not seek to interfere in the 2016 election for Trump's benefit, despite numerous investigations that showed otherwise. 'On Dec 8, 2016, IC officials prepared an assessment for the President's Daily Brief, finding that Russia 'did not impact recent U.S. election results' by conducting cyber attacks on infrastructure. Before it could reach the President, it was abruptly pulled 'based on new guidance.' This key intelligence assessment was never published,' Gabbard wrote in one post. The Obama administration, however, never claimed that Russian cyberattacks impacted the election results. 'I can assure the public that there was not the kind of tampering with the voting process that was of concern … the votes that were cast were counted — they were counted appropriately,' Obama said from the White House, days after receiving the December 2016 brief to which Gabbard referred. The Obama White House said that Russia sought to interfere in the campaign by leaking hacked documents and using bots and troll farms to spread misinformation about the election — a finding that was later backed by special counsel Robert Mueller's investigation and a Senate report. Another special counsel, appointed by then-Attorney General Bill Barr and championed by Trump, investigated claims that the Russia-related investigations were politicized for over three years. John Durham's report was critical of the FBI's handling of the probe, saying that it found senior "FBI personnel displayed a serious lack of analytical rigor toward the information they received" — but nothing to the level of criminality now alleged by Trump. The Senate report, meanwhile, was unequivocal about Russia's actions. 'The Committee's bipartisan Report found that Russia's goal in its unprecedented hack-and-leak operation against the United States in 2016, among other motives, was to assist the Trump Campaign. Candidate Trump and his Campaign responded to that threat by embracing, encouraging, and exploiting the Russian effort," the report said. Democratic lawmakers said the administration is trying to rewrite history in order to assuage Trump. 'This is just another example of the DNI trying to cook the books, rewrite history, and erode trust in the intelligence agencies she's supposed to be leading,' Sen. Mark Warner, D-Va., said in a statement. House Democratic Caucus Chair Pete Aguilar of California told NBC News on Monday that 'it's all a distraction." "[T]hey'll release anything if it buys them another day or two to not talk about Epstein or to get the angry mob to talk about Epstein,' Aguilar said. The Russia investigation is only one of a number of old grievances that Trump has revived in recent days while coping with backlash from MAGA supporters about the handling of the Epstein case. Trump has used his Truth Social social media platform to accuse his old foe Sen. Adam Schiff, D-Calif., of breaking the law, and shared AI-generated mug shots of various Democratic officials who've been Republican bogeymen over the years. The Justice Department, meanwhile, released thousands of files related to Martin Luther King Jr's assassination on Monday, and announced it had sent a redacted report to Sen. Chuck Grassley, R-Iowa, about the FBI's handling of files related to 'former-FBI Director James Comey's failed investigation into Hillary Clinton's mishandling of highly classified information' during Clinton's time as secretary of state.
