Indian IT giant TCS investigates link to M&S cyber attack

An Indian IT services company, Tata Consultancy Services (TCS), is reportedly conducting an internal investigation to determine if it was the entry point for the recent cyberattack on retailer M&S.

M&S recently disclosed that the hackers responsible for the widespread disruption gained access to their systems via a “third party,” rather than a direct breach. TCS has been a long-standing service provider to M&S for over a decade.

While neither M&S nor TCS have officially commented on the ongoing investigation, the Financial Times was the first to report on the potential link, citing sources close to the inquiry who anticipate its conclusion by the end of the month. It remains unclear when TCS initiated its internal probe.

The cyberattack has caused significant issues for M&S, with online ordering unavailable since late April. The retailer anticipates that while online services will gradually return to normal in the coming weeks, some level of disruption is expected to continue until July. M&S has also warned that the attack could hit this year’s profits by £300 million.

Police investigations are reportedly focusing on “Scattered Spider,” a notorious group of English-speaking hackers believed to be behind the M&S breach, as well as similar attacks on the Co-op and Harrods. However, M&S has experienced the most substantial impact among the targeted retailers.

TCS, a global IT giant with over 607,000 employees worldwide, lists M&S’s customer reward scheme, Sparks, as one of their collaborations. In 2023, TCS and M&S jointly received the Retail Partnership of the Year award.

TCS’s extensive client portfolio also includes other well-known companies such as easyJet, Nationwide, and Jaguar Land Rover. There is no indication at this time whether TCS’s internal investigation also extends to the cyberattack on the Co-op.

Stuart Machin, M&S Chief Executive, previously described the incident as a “highly sophisticated and targeted cyber-attack,” but has not commented on whether a ransom was paid.