
TCS Under the Cyber Microscope: Hackers Slip Through IT Giant’s Credentials in UK Retail Heist


Updated: May 23, 2025 15:56

Tata Consultancy Services (TCS), one of the world's biggest IT services companies, has launched an internal probe after it emerged that hackers used stolen credentials belonging to its employees to compromise top UK retailers such as Marks & Spencer (M&S) and Co-op. The intrusions, which are blamed on the Scattered Spider ransomware group, have sparked serious concerns over third-party risk and supply chain security throughout the retail industry.
 
Background: The Cyberattack Unfolds
  • In April 2025, Marks & Spencer experienced a major cyberattack that disrupted business operations and leaked customer information, with the loss in the retailer's market value estimated at over £1 billion.
  • The hackers, attributed to the Scattered Spider group, accessed the systems using login details belonging to at least two TCS workers who provide IT services to M&S.
  • The break-in relied on advanced social engineering methods, including password resets and phishing, aimed at TCS employees rather than on direct exploitation of system vulnerabilities.
TCS's Role and Response
  • TCS, a long-time IT partner to M&S and Co-op, remains silent for now but is carrying out an internal investigation to find out how its employees' credentials were exploited and used during the attack.
  • The company's involvement has highlighted the risk posed by third-party vendors and the urgent need for strong access controls and credential management.
Broader Impact on UK Retail Industry
  • The M&S breach was followed by identical attacks on other TCS customers, such as Co-op and Harrods, raising questions about a wider weakness in the UK retail supply chain.
  • M&S had to suspend online trading, with full resumption not expected until July, and rolled out a password reset for all customers after confirming that some information had been stolen.
  • The UK's National Crime Agency is investigating the attacks, focusing on a group of young English-speaking hackers.
Industry and Security Implications
  • The attacks have put a spotlight on third-party and supply chain security processes, particularly for organizations with heavy digital reliance and complicated vendor relationships.
  • Experts caution that retailers' growing online presence, their use of remote work, and their integration with third-party services have expanded the attack surface available to cybercriminals.
Ongoing Investigation
TCS's internal investigation is intended to identify the security failures and to improve its credential hygiene and access controls to avoid future breaches.
 
Retailers and IT service providers in the UK are rethinking their cybersecurity practices amid these high-profile attacks.
 
Sources: Computing UK, Daily Security Review, Reuters, CyberNews
