Close Menu
    Facebook X (Twitter) Instagram
    Trending
    • A Brief History of Fireworks
    • Interview: July-August Escalation, Gold’s June Low & Why Capital Is Fleeing To America
    • Vatican excommunicates members of rebel Catholic group
    • Native Americans Resisting ICE | Documentary
    • Three areas the Braves need to improve at 2026 trade deadline
    • America 250: David Muir showcases national parks and Native tribes that call them home
    • Orbital Data Centers: Why the Hype Outpaces Reality
    • Iran-backed Hezbollah and Hamas attend Khamenei funeral ceremonies
    Prime US News
    • Home
    • World News
    • Latest News
    • US News
    • Sports
    • Politics
    • Opinions
    • More
      • Tech News
      • Trending News
      • World Economy
    Prime US News
    Home»Tech News»M&S hackers sent abuse and ransom demand directly to CEO
    Tech News

    M&S hackers sent abuse and ransom demand directly to CEO

    Team_Prime US NewsBy Team_Prime US NewsJune 6, 2025No Comments5 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Joe Tidy

    Cyber correspondent, BBC World Service

    Bloomberg via Getty Images The M&S logo is seen pictured next to a note saying 'est. 1884' on the side of a Marks and Spencer store with an out-of-focus anonymous shopper holding a canvas bag in the foreground, in London on 1 MayBloomberg by way of Getty Photos

    An abusive e mail despatched by the Marks & Spencer hackers to the retailer’s boss gloating in regards to the hack and demanding fee has been seen by the BBC.

    The message to M&S CEO Stuart Machin – which was in damaged English – was despatched on the 23 April from the hacker group known as DragonForce utilizing the e-mail account of an worker.

    The e-mail confirms for the primary time that M&S has been hacked by the ransomware group – one thing that M&S has thus far refused to acknowledge.

    “We have now marched the methods from China all the way in which to the UK and have mercilessly raped your organization and encrypted all of the servers,” the hackers wrote.

    “The dragon needs to talk to you so please head over to [our darknet website].”

    The extortion e mail was proven to the BBC by a cyber-security professional.

    The blackmail message, which incorporates the n-word, was despatched to the M&S CEO and 7 different executives.

    In addition to bragging about putting in ransomware throughout the M&S IT system to render it ineffective, the hackers say they’ve stolen the personal information of thousands and thousands of shoppers.

    Almost three weeks later customers were informed by the corporate that their information could have been stolen.

    The e-mail was despatched apparently utilizing the account of an worker from the Indian IT big Tata Consultancy Companies (TCS) – which has offered IT providers to M&S for over a decade.

    The Indian IT employee primarily based in London has an M&S e mail deal with however is a paid TCS worker.

    It seems as if he himself was hacked within the assault.

    TCS has beforehand stated it is investigating whether or not it was the gateway for the cyber-attack.

    The corporate has advised the BBC that the e-mail was not despatched from its system and that it has nothing to do with the breach at M&S.

    M&S has declined to remark fully.

    ‘We are able to each assist one another’

    A darknet hyperlink shared within the extortion e mail connects to a portal for DragonForce victims to start negotiating the ransom payment. That is additional indication that the e-mail is genuine.

    Sharing the hyperlink – the hackers wrote: “let’s get the occasion began. Message us, we are going to make this quick and straightforward for us.”

    The criminals additionally seem to have particulars in regards to the firm’s cyber-insurance coverage too saying “we all know we will each assist one another handsomely : ))”.

    The M&S CEO has refused to say if the corporate has paid a ransom to the hackers.

    DragonForce ended the e-mail with a picture of a dragon respiration fireplace.

    A graphic of a dragon breathing fire

    This dragon picture was appended to the hackers e mail, seen by the BBC

    The e-mail confirms for the primary time the hyperlink between M&S’s hack and the ongoing Co-op cyber-attack, which DragonForce have additionally claimed duty for.

    The 2 hacks – which started in late April – have wrought havoc on the 2 retailers. Some Co-op cabinets had been left naked for weeks, whereas M&S expects its operations to be disrupted till July.

    Though we now know that DragonForce is behind each, it’s nonetheless not clear who the precise hackers are.

    DragonForce provides cyber-criminal associates varied providers on their darknet website in alternate for a 20% lower of any ransoms collected.

    Anybody can enroll and use their malicious software program to scramble a sufferer’s information or use their darknet web site for his or her public extortion.

    Nothing has appeared on the felony’s darknet leak website about both Co-op or M&S however the hackers advised the BBC final week that they had been having IT issued of their very own and could be posting data “very quickly.”

    Some researchers say DragonForce are primarily based in Malaysia, whereas others say Russia. Their e mail to M&S implies that they’re from China.

    Hypothesis has been mounting {that a} free collective of younger western hackers often called Scattered Spider is likely to be the associates behind the hacks and in addition one on Harrods.

    Scattered Spider will not be actually a gaggle within the regular sense of the phrase. It is extra of a group which organises throughout websites like Discord, Telegram and boards – therefore the outline “scattered” which was given to them by cyber-security researchers at CrowdStrike.

    Some Scattered Spider hackers are recognized to be youngsters within the US and UK.

    The UK’s Nationwide Crime Company stated in a BBC documentary in regards to the retail hacks, that they’re focusing investigations on the group.

    The BBC spoke to the Co-op hackers who declined to reply whether or not or not they had been Scattered Spider. “We cannot reply that query” is all they stated.

    Two of them stated they wished to be often called “Raymond Reddington” and “Dembe Zuma” after characters from US crime thriller The Blacklist which entails a wished felony serving to police take down different criminals on a blacklist.

    In a message to me, they boasted: “We’re placing UK retailers on the Blacklist.”

    There have been a collection of smaller cyber-attacks on UK retailers since however none as impactful of disruptive as these on Co-op, M&S and Harrods.

    Within the early levels of the M&S hack, unknown sources advised cyber information website Bleeping Pc that proof is pointing to Scattered Spider.

    The UK’s national cyber-crime unit has confirmed to the BBC that the group is considered one of their key suspects.

    As for the hackers I spoke to on Telegram, they declined to reply whether or not or not they had been Scattered Spider. “We cannot reply that query” is all they stated.

    A green promotional banner with black squares and rectangles forming pixels, moving in from the right. The text says: “Tech Decoded: The world’s biggest tech news in your inbox every Monday.”



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleCitibank Backtracks On Gun Policy
    Next Article Trump’s surgeon general pick criticizes others’ conflicts
    Team_Prime US News
    • Website

    Related Posts

    Tech News

    A Brief History of Fireworks

    July 5, 2026
    Tech News

    Orbital Data Centers: Why the Hype Outpaces Reality

    July 5, 2026
    Tech News

    How Melbourne AI Energy Systems Tackle Demand

    July 5, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    Most Popular

    What can the world expect from Trump 2.0? | Donald Trump

    January 20, 2025

    Trump Poised To Remove Illegal Aliens From The Census In A Major Blow To Blue States

    July 15, 2025

    Uptick In US Manufacturing | Armstrong Economics

    April 3, 2025
    Our Picks

    A Brief History of Fireworks

    July 5, 2026

    Interview: July-August Escalation, Gold’s June Low & Why Capital Is Fleeing To America

    July 5, 2026

    Vatican excommunicates members of rebel Catholic group

    July 5, 2026
    Categories
    • Latest News
    • Opinions
    • Politics
    • Sports
    • Tech News
    • Trending News
    • US News
    • World Economy
    • World News
    • Privacy Policy
    • Disclaimer
    • Terms and Conditions
    • About us
    • Contact us
    Copyright © 2024 Primeusnews.com All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.