M&S Ousts Indian Outsourcer Accused Of £300m Cyber Attack Failures

Mon Oct 27 2025
author image
News Correspondent
M and S
icon-facebook icon-twitter icon-whatsapp

Key points

  • Hackers used “social engineering” to breach M&S
  • TCS denies fault, claims breach in M&S environment
  • M&S began seeking new helpdesk provider pre-attack

ISLAMABAD: Marks & Spencer has ended its long-standing contract with Tata Consultancy Services (TCS) to manage its technology helpdesk, following a devastating cyber attack earlier this year. The retailer, which lost an estimated £300m from the breach, cancelled the deal in July, just months after hackers forced it to halt online sales for weeks, leaving shelves empty.

The Indian IT giant denied any responsibility for the breach, but the termination of the contract shortly after the attack raises questions about its involvement. Hackers, identified as Scattered Spider, reportedly used “social engineering” tactics, impersonating executives through helpdesk calls to reset passwords and gain access to M&S’s systems, according to Financial Times.

In July, M&S chairman Archie Norman explained that the hackers had used “sophisticated impersonation” involving a third party. TCS conducted an internal investigation and found no fault with its helpdesk. However, Liam Byrne, chair of the business select committee, wrote to TCS for clarification. TCS responded that the breach occurred within M&S’s own environment, not its network.

Major IT contractor

TCS, a major IT contractor for UK businesses, continues to work with M&S on other technology projects, including its data centre and cloud services. However, concerns have been raised about the risks of outsourcing critical IT functions to companies like TCS, especially with helpdesks where operators may make human errors.

M&S had already started the process of finding a new helpdesk provider in January, before the cyber attack occurred. A spokesperson for M&S stated that the decision was part of a routine process and “has no bearing on our wider TCS relationship,” adding that the change was unrelated to the cyber incident.

TCS emphasised that it does not provide M&S’s cybersecurity services, which are handled by another partner.

icon-facebook icon-twitter icon-whatsapp
Sheikh Hasina

Bangladesh’s International Crimes Tribunal to Deliver Verdict in Case Against Former PM Hasina
Israeli UN Peacekeepers

Israeli Forces Fire on UN Peacekeepers in Southern Lebanon
Iran

US Not Ready For ‘Equal and Fair’ Nuclear Negotiations: Iran FM

Latest

TTP

How Drugs Trade Help Finance Taliban Militancy
Pakistan Power 1

Pakistan’s Power Puzzle: Why Consumers Keep Paying for Idle Plants
Twitter

X Launches Upgraded Chat Platform with Expanded Messaging Tools
Sheikh Hasina

Bangladesh’s International Crimes Tribunal to Deliver Verdict in Case Against Former PM Hasina
Mitchell Ton Steers New Zealand to Seven-Run Win in First West Indies ODI

Mitchell Ton Steers New Zealand to Seven-Run Win in First West Indies ODI
Israeli UN Peacekeepers

Israeli Forces Fire on UN Peacekeepers in Southern Lebanon

Editor’s Picks

Did Israel Facilitate Mysterious Gaza-to-South Africa Transit of Palestinians?

Did Israel Facilitate Mysterious Gaza-to-South Africa Transit of Palestinians?
Indian Sikh Woman Converts to Islam and Marries Pakistani Man During Pilgrimage

Indian Sikh Woman Converts to Islam and Marries Pakistani Man During Pilgrimage
World Diabetes Day, diabetes awareness, prevention, treatment, Pakistan, health,

What is Diabetes? How Can We Prevent It? What is the Cure?

Programmes

Miserable Lives of Afghan Women Under Taliban | 60 Seconds with WE News English

Miserable Lives of Afghan Women Under Taliban
Afghans

2.5 Million Afghans Deported from Pakistan and Iran
Reducing Trade with Pakistan Will Badly Hurt Afghan Economy

Reducing Trade with Pakistan Will Badly Hurt Afghan Economy