Marks Spencer M S has confirmed that personal customer data was stolen in a cyberattack that has disrupted its online services for several weeks.
Since Easter, the British retailer has faced significant operational challenges due to a ransomware attack, forcing the company to suspend online sales, contactless payments in-store, and even recruitment activities.
In a statement released on Tuesday, M S revealed that some customers personal data had been compromised due to the sophisticated nature of the attack. The stolen data may include names, dates of birth, home addresses, and telephone numbers.
However, the retailer reassured customers that the information taken did not include payment card details or account passwords. There is also no evidence that the stolen data has been shared or misused, M S added.
The company did not specify how many customers were affected by the breach. Although no immediate action is required from customers, M S advised them to be cautious of unsolicited emails or text messages containing links.