Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/114523212642063870">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 17-May-2025 21:39:19 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250225114715.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/114523174837643548" rel="in-reply-to">in reply to</a></div></section><article><p>The Times reports M&amp;S were breached through a contractor and that human error is to blame. (Both M&amp;S and Co-op use TCS for their IT Service Desk). </p><p>The threat actor went undetected for 52 hours. (I suspect detection was when their ESXi cluster got encrypted). </p><p>M&amp;S have told the Times they had no “direct” communication with DragonForce, which is code for they’re using a third party to negotiate - standard practice. </p><p><a href="https://www.thetimes.com/uk/technology-uk/article/m-and-s-boss-cyber-attack-7d9hvk6ds" rel="nofollow noreferrer">https://www.thetimes.com/uk/technology-uk/article/m-and-s-boss-cyber-attack-7d9hvk6ds</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4992102#notice-9935517">In conversation</a><time datetime="2025-05-17T21:39:19+09:00" title="Saturday, 17-May-2025 21:39:19 JST">about 15 days ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/114523212642063870" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/114523212642063870">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: www.thetimes.com</div><h5><a href="https://www.thetimes.com/uk/technology-uk/article/m-and-s-boss-cyber-attack-7d9hvk6ds">M&amp;S bosses under fire after ‘damaging and embarrassing’ cyberattack</a></h5><div> from <span>Tom Witherow | Isabella Fish, Retail Editor</span></div></header><div>The Times reveals that the hackers penetrated the retailer’s IT systems through a contractor and worked undetected for about 52 hours before the alarm was raised</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 17-May-2025 21:39:19 JST Kevin Beaumont
in reply to
The Times reports M&S were breached through a contractor and that human error is to blame. (Both M&S and Co-op use TCS for their IT Service Desk).
The threat actor went undetected for 52 hours. (I suspect detection was when their ESXi cluster got encrypted).
M&S have told the Times they had no “direct” communication with DragonForce, which is code for they’re using a third party to negotiate - standard practice.
https://www.thetimes.com/uk/technology-uk/article/m-and-s-boss-cyber-attack-7d9hvk6ds
In conversationabout 15 days ago from cyberplace.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: www.thetimes.com
  M&S bosses under fire after ‘damaging and embarrassing’ cyberattack
  from Tom Witherow | Isabella Fish, Retail Editor
  The Times reveals that the hackers penetrated the retailer’s IT systems through a contractor and worked undetected for about 52 hours before the alarm was raised

Public

Embed Notice

HTML Code

Corresponding Notice