Marks & Spencer says hackers have stolen some customer data

Marks & Spencer Group Plc said some personal customer data was stolen by hackers as the British retailer continues to investigate and manage a highly-damaging “cyber incident.” 

The stolen data does not include “useable payment or card details” and there is no evidence it has been shared, the food, clothing and homewares group said Tuesday. Customers do not need to take any action but will be prompted to reset their passwords when they log into the retailer’s website, it said. 

M&S said it’s working closely with cyber security experts and law enforcement as it tries to recover from the “sophisticated nature of the incident.”

Shares of M&S were up 0.8% at 8:45 a.m. in London, after closing at the lowest level since March 26 on Monday.

The company first announced it had been targeted by hackers on April 22. Some of its systems were infected with ransomware, which encrypts files stored on computers so they cannot be used. In the aftermath, M&S stopped accepting contactless payments and shut down online orders, and its website is still not working for transactions. 

A cybercrime gang has taken credit for a disruptive campaign of attacks on UK retailers, with the Co-op Group and luxury department store Harrods Ltd. also targeted. Supermarket chain Co-op said this month hackers were able to extract customer data from one of its systems during the recent attack. 

A spokesperson for the gang, known as “DragonForce,” told Bloomberg that it carried out the attacks with partners to extort money from victims.