Lawrence Abrams reports that multiple sources inform them that the outages at UK retail giant Marks & Spencer are the result of a ransomware attack by the group known as “Scattered Spider.”
Last Tuesday, M&S confirmed it suffered a cyberattack that caused widespread disruption, including to its contactless payment system and online ordering. Today, Sky News reported that the disruption continues, with around 200 warehouse workers told to stay home as the company responds to the attack.
BleepingComputer has now learned that the ongoing outages are caused by a ransomware attack that encrypted the company’s servers.
The threat actors are believed to have first breached M&S as early as February, when they reportedly stole the Windows domain’s NTDS.dit file.
Read more at Bleeping Computer.