Hackers sent abuse and ransom demand to M&S boss

Hackers behind the M&S cyberattack reportedly sent an email directly to CEO Stuart Machin gloating about their actions and demand for payment, according to the BBC.  

The email, as seen by the news outlet, initially appeared to have been sent on 23 April via an employee’s email account at Tata Consultancy Services (TCS), an Indian IT firm that has provided services to M&S for more than 10 years. 

The message, which was written in broken English, was, in fact, sent by the hacker group known as DragonForce. 

A blackmail threat containing a racist slur was also directed at the chief executive, as well as seven additional members of the executive team.

The extortion email, which the BBC said it was shown by a “cyber security expert”, read: “We have marched the ways from China all the way to the UK and have mercilessly raped your company and encrypted all the servers. The dragon wants to speak to you so please head over to [our darknet website].”

Hackers claimed to have deployed ransomware that crippled the M&S IT infrastructure and admitted to having also exfiltrated the personal information of millions of customers.

Approximately three weeks passed before the company notified customers that their data might have been compromised.

The London-based IT worker, who is employed by TCS but using an M&S email account, appears to have been a victim of the cyber-attack. TCS is currently investigating the possibility that its systems served as the entry point for the attack.

The company stated to the BBC that the email did not originate from their system and they are uninvolved with the security breach at M&S.

M&S and TCS have been approached for comment.