Wilson's Media

A Tech & Gaming Blog

M&S hack may have been caused by security issues at Indian IT giant Tata Consultancy Services

  • Marks & Spencer suffered a cyber-incident in April 2025
  • Reports claimed the attack was the work of ScatteredSpider
  • Tata Consultancy Services is investigating if the attack came from its network

Tata Consultancy Services (TCS), an Indian IT company and part of the massive Tata Group conglomerate, is currently investigating whether the recent cyberattack on Marks & Spencer (M&S) originated from its infrastructure.

In late April 2025, M&S confirmed suffering a “cyber incident” which affected its stores and resulted in changes to store operations.

Later reports said the company had to take some of its systems and processes offline, and was forced to disable contactless and Click and Collect services in stores, since the incident was, in fact, a ransomware attack. Online orders were also halted. The disruption persisted for weeks, M&S’ market capitalization dropped by £1 billion, and customer data was allegedly stolen by the actors.

Targeting Tata

It had been reported the group known as Scattered Spider was behind the ordeal

Now, BBC News reports TCS, which has been servicing M&S for more than a decade, is investigating whether it was the stepping stone to the attack. Right now, both parties are staying silent, but the investigation should wrap up before June 2025.

TCS is part of the large Indian conglomerate Tata Group, which counts more than 100 companies across a wide range of industries. As such, it is a major target for all sorts of cybercriminals, and roughly two years ago, Hive Ransomware struck Tata Power, India’s largest integrated power company. Early this year, Tata Technologies, a global engineering services provider was also attacked.

The attack is reportedly the work of Scattered Spider, a ransomware organization usually targeting UK retailers, financial institutions, technology firms, and entertainment/gambling organizations. The group is not as tightly-knit as organizations such as LockBit or Cl0p.

It is relatively loose, and operates within a larger hacking community known as “the Com”. Its members engage in all kinds of attacks, from social engineering and SIM swapping, to ransomware.

Via BBC

You might also like


Source

Marks & Spencer suffered a cyber-incident in April 2025 Reports claimed the attack was the work of ScatteredSpider Tata Consultancy Services is investigating if the attack came from its network Tata Consultancy Services (TCS), an Indian IT company and part of the massive Tata Group conglomerate, is currently investigating whether…

Tags: ,
Previous Post
Next Post

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Archives