Lessons from the Marks & Spencer cyber attack: in April 2025, retail giant Marks & Spencer (M&S) became the latest high-profile victim of a ransomware attack that disrupted its digital operations and exposed sensitive customer data. The breach, which occurred over the Easter weekend, forced M&S to suspend online orders and Click & Collect services, leaving customers frustrated and raising serious concerns about data security.
The Marks & Spencer hackers reportedly sent an abusive email to the retailer’s boss, gloating about the hack and demanding ransom payment. M&S CEO Stuart Machin was sent an email on 23 April from a hacker group called DragonForce, using the email account of an employee, which confirms that the British high street retailer was targeted by a ransomware group, something they have refused to acknowledge.
While M&S confirmed that no payment or password data was compromised, personal information such as names, addresses, and order histories were accessed. The company is still working to restore full functionality, with some services expected to remain offline into July. Early investigations suggest the breach may have originated from a third-party vendor, highlighting a growing vulnerability in modern supply chains.
How to prevent a similar attack: the power of MDR
Traditional security measures are no longer enough. That’s where Managed Detection and Response (MDR) comes in.
What is MDR?
MDR is a proactive cybersecurity service that combines:
- 24/7 threat monitoring
- Advanced analytics and AI-driven detection
- Expert human analysis
- Rapid incident response
Unlike conventional security tools that simply alert you to threats, MDR actively hunts, investigates, and responds to them, minimising damage and downtime. In the case of M&S, an MDR solution could have detected the intrusion early, isolated the threat, and prevented the widespread disruption that followed.
The hidden risk: third-party vendors
Many businesses rely on third-party vendors for everything from supply chains to logistics. But these partnerships can introduce hidden vulnerabilities. If a vendor’s systems are compromised, attackers can use them as a backdoor into your network.
This is exactly what appears to have happened in the M&S breach. It’s a stark reminder that your cyber security is only as strong as your weakest link.
How CSG can help you stay secure
At CSG (Computer Services Group Ltd), we specialise in helping businesses build industry-leading cybersecurity frameworks that protect not just their internal systems, but their entire digital ecosystem. We have been providing IT and cyber security services since we opened our doors in 1985, making us the longest standing IT company in Wales.
Our services that can help prevent attacks like this include:
- Third-party risk management
We assess the security posture of your vendors, monitor their activity, and ensure they meet compliance standards like ISO 27001 and GDPR. - Integrated MDR solutions
Our MDR services provide real-time threat detection, expert analysis, and rapid response, giving you peace of mind 24/7. - Security audits and compliance
We help you identify gaps in your security strategy and align with industry best practices. - Incident response planning
Be prepared for the worst with a industry-specific response plan that minimises impact and accelerates recovery.