- Marks & Spencer suffered a cyber-incident in April 2025
- Reports claimed the attack was the work of scattered pider
- Tata Consultancy Services examines if the attack came from its network
Tata Consultancy Services (TCS), an Indian IT company and part of the massive TATA group conglomerate, is currently investigating whether the recent cyberattack at Marks & Spencer (M&S) comes from its infrastructure.
At the end of April 2025, M&S confirmed a “cyber event” that affected its stores and resulted in changes in the store’s operations.
Later reports said the company had to take some of its systems and processes offline and were forced to disable contactless and click and collect services in stores as the incident was actually a ransomware attack. Online orders were also stopped. The disturbance lasted for weeks, M&S ‘market value fell by £ 1 billion, and customer data was allegedly stolen by the actors.
Targeting of Tata
It was reported that the group known as scattered spider was behind the trial
Now, BBC News Report TCS, which has served M&S for more than a decade, investigates whether it was a springboard for the attack. Right now, both parties remain silent, but the investigation must be wound up by June 2025.
TCS is part of the large Indian conglomerate Tata Group, which counts more than 100 companies across a wide range of industries. As such, it is an important target for all sorts of cyber criminals, and for approx. Two years ago, Hive Ransomware hit Tata Power, India’s largest integrated electricity company. Early this year, Tata Technologies, a global engineering services provider also became the attack.
The attack is reportedly working on scattered spider, a ransomware organization that is usually aimed at British retailers, financial institutions, technology companies and entertainment/gaming organizations. The group is not as closely composed as organizations such as Lockbit or CL0P.
It is relatively loose and works within a larger hacking community known as “the com”. Its members participate in all kinds of attacks, from Social Engineering and SIM exchange, to ransomware.
We have reached TCS for comment and will update the article if we hear back.
Via BBC
