π Inside the Marks & Spencer Cyberattack: What Went Wrong and What We Can Learn

How a trusted UK brand got hacked β and what it means for you. π¬ Who is Marks & Spencer? Marks & Spencer (M&S) is one of the UKβs most iconic multinational retailers, founded in 1884. Known for its high-quality clothing, food, and home products, M&S operates hundreds of stores across the UK and internationally, along with a strong digital presence through its e-commerce platform and mobile apps . π What Happened β The Cyberattack Unfolded In early June 2025 , Marks & Spencer faced a massive cyberattack that disrupted its online ordering system , website, and mobile apps for more than six weeks . 𧨠Attack Method: Initial Entry Point: Suspected phishing email targeting internal IT staff Privilege Escalation: Use of stolen credentials and session hijacking Lateral Movement: Breached backend servers using tools like: π οΈ Cobalt Strike π οΈ Mimikatz π΅οΈββοΈ Impacket toolset Payload Delivery: Ransomware or wiper malware suspected ...