-
13 May 2025 08:30:00
- Source: Sharecast
MARKS AND SPENCER GROUP PLC
CYBER INCIDENT - FURTHER UPDATE
Marks and Spencer Group plc ("M&S") is providing a further update on the cyber incident reported on 22 April 2025.
As part of our proactive management of the incident, we have taken steps to protect our systems and engaged leading cyber security experts. We have also reported the incident to relevant government authorities and law enforcement, who we continue to work closely with.
Today, we are writing to customers informing them that due to the sophisticated nature of the incident, some of their personal customer data has been taken. Importantly, the data does not include useable payment or card details, which we do not hold on our systems, and it does not include any account passwords. There is no evidence that this data has been shared.
We have said to customers that there is no need to take any action. For extra peace of mind, they will be prompted to reset their password the next time they visit or log onto their M&S account and we have shared information on how to stay safe online.
We remain grateful for the support that our customers, colleagues, partners and suppliers have shown us during this time.
- Ends -
For more information, please call:
Investor Relations: Fraser Ramzan +44 (0) 7554 227 758
Corporate Press Office: +44 (0) 20 8718 1919
RNS may use your IP address to confirm compliance with the terms and conditions, to analyse how you engage with the information contained in this communication, and to share such analysis on an anonymised basis with others as part of our commercial services. For further information about how RNS and the London Stock Exchange use the personal data you provide us, please see our Privacy Policy.