No Breach, No Blame: TCS Distances Itself from M&S Cyber Incident

In its Annual General Meeting (AGM), Tata Consultancy Services (TCS) dispelled doubts about the recent cyberattack on British retailer Marks & Spencer (M&S) with a promise that no TCS systems or users were involved, and no other clients were impacted.

 

Independent Director Mistry, speaking at the AGM, clarified that the investigation into the M&S breach is being conducted by the customer itself, and that TCS is not in the purview of the formal investigation. The announcement follows reports in the media that TCS, one of M&S's traditional IT partners, might have been a potential attack vector.

 

The April 2025 M&S hack unsettled store and online business operations with reports pointing fingers at the Scattered Spider ransomware group for the attack. While M&S confirmed the breach occurred through a "third party," it declined to publicly disclose the vendor utilized. 

 

TCS reiterated its cybersecurity and client privacy commitment, stating it remains engaged with M&S and continues to be vigilant in securing its global infrastructure.

 

Simultaneously, the Reserve Bank of India (RBI) released its quarterly report on the performance of the private corporate business sector during Q4 FY2024–25, giving insights into profitability, investment trends, and sectoral growth. The RBI report highlights are available on request.

 

Sources: BBC News, TechRadar, Business Today, RBI