#### Nature of the Attack
**Point 1**: Marks & Spencer (M&S) suffered a cyberattack on April 22, 2025, involving ransomware that encrypted their servers, impacting online services and 1,400 stores. [bleepingcomputer.com]
**Point 2**: The attack, attributed to DragonForce ransomware affiliates using Scattered Spider tactics, led to the theft of sensitive customer information but not payment or account password details. [bleepingcomputer.com, bbc.com]

#### Customer Impact and Response
**Point 1**: Affected data includes names, dates of birth, home addresses, telephone numbers, and online order histories, but excludes usable payment details and account passwords. [ibtimes.com, bleepingcomputer.com, bbc.com, independent.co.uk, theguardian.com, gbnews.com, telegraph.co.uk]
**Point 2**: M&S has advised customers to be cautious of phishing attempts and will prompt all customers with active accounts to reset their passwords for security. [bleepingcomputer.com, bbc.com, theguardian.com, gbnews.com, telegraph.co.uk]

Marks & Spencer Confirms Customer Data Theft in Cyber Attack

Nature of the Attack

Customer Impact and Response

Sources

International Business Times

Center

Customer Data Stolen In Marks & Spencer Cyberattack

Bleeping Computer

Center

M&S says customer data stolen in cyberattack, forces password resets

BBC News

Center

M&S says personal customer data stolen in recent cyber attack

The Independent

Left-Lean

Marks & Spencer reveals customer data taken by hackers after cyber attack

The Guardian

Left-Lean

M&S says some personal data was taken in cyber-attack

GB News

Right-Lean

Marks & Spencer cyber attack update: Customer data stolen in major blow to shoppers

The Telegraph - UK

Right-Lean

M&S customer data stolen in cyber attack