๐ Inside the Marks & Spencer Cyberattack: What Went Wrong and What We Can Learn
How a trusted UK brand got hacked — and what it means for you. ๐ฌ Who is Marks & Spencer? Marks & Spencer (M&S) is one of the UK’s most iconic multinational retailers, founded in 1884. Known for its high-quality clothing, food, and home products, M&S operates hundreds of stores across the UK and internationally, along with a strong digital presence through its e-commerce platform and mobile apps . ๐ What Happened — The Cyberattack Unfolded In early June 2025 , Marks & Spencer faced a massive cyberattack that disrupted its online ordering system , website, and mobile apps for more than six weeks . ๐งจ Attack Method: Initial Entry Point: Suspected phishing email targeting internal IT staff Privilege Escalation: Use of stolen credentials and session hijacking Lateral Movement: Breached backend servers using tools like: ๐ ️ Cobalt Strike ๐ ️ Mimikatz ๐ต️♂️ Impacket toolset Payload Delivery: Ransomware or wiper malware suspected ...