- Marks and Spencer CEO received communication from a ransom gang
- This follows a devastating attack earlier in 2025
- The email confirms a link between the M&S and Co-op attacks
Marks and Spencer was amongst the British retailers that suffered devastating cyberattacks earlier in 2025, with services and stores facing disruption, as well as online orders being suspended.
In the midst of all this, reports from the BBC claim company CEO Stuart Machin was personally sent emails by the attackers goading him and inviting him to begin negotiating the ransom fee.
“We have marched the ways from China all the way to the UK and have mercilessly raped your company and encrypted all the servers,” the hackers wrote. “The dragon wants to speak to you so please head over to [our darknet website].”
Save up to 68% on identity theft protection for TechRadar readers!
TechRadar editors praise Aura’s upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.
Preferred partner (What does this mean?)View Deal
“Let’s get the party started”
The group, who call themselves “DragonForce” also claimed responsibility for the Co-op attack, which came around a similar time – making this email the first official link between the two incidents.
Little is known so far about the group themselves, but the emails confirm this was a ransomware attack, something that M&S have so far refused to comment on.
It was sent through a London-based Tata Consultancy Services (TCS) employee, and it appears as though this employee was also hacked as part of the wider attack – and the Indian IT service is investigating whether it was the origin for the M&S cyberattack.
The email indicated a knowledge of the firm’s cyber insurance, taunting the firm; “we know we can both help each other handsomely : ))”. The email also contained a link to begin ransom negotiations; “let’s get the party started. Message us, we will make this fast and easy for us.”
We reached out to Marks and Spencer for comment, which it declined, offering the following;
“We cannot comment on details of or speculation on the cyber incident, and we have been advised not to.”
You might also like
- Take a look at our picks for the best malware removal software around
- Check out our choice for best antivirus software
- FBI warns Play ransomware hackers have hit nearly a thousand US firms
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.