M&S Will Claim £100m From Its Cyber Insurers
Marks & Spencer (M&S) is getting ready to make one of the largest cyber insurance claims in the UK after explaining that personal customer information was compromised during a massive cyber attack at Easter 2025 which has taken down its digital infrastructure for weeks.
M&S admitted for the first time on Tuesday 13th May 2025 that some customers' personal data was stolen as part of the ransom attack that has left the retailer unable to accept online orders.
The retailer has told customers this could include contact details, date of birth and online order history but it does not include usable card or payment details or account passwords.
M&S is due to report its full-year results soon and will update the market on the effects of the ransom attack. So far, the retailer’s share price has fallen around 16 per cent since it disclosed the attack on April 22, which has knocked £1.3bn off its market capitalisation.
Allianz is the principal insurer liable for M&S’s losses and is expected to pay at least the initial £10million while cyber insurance specialist Beazley is also amongst the insurers exposed to losses.
The Co-op and Harrods have also been hit by recent cyber attacks and the Co-op has said that it is still in recovery after taking action to bring its systems back online. These attacks are attributed to a collective of English-speaking hackers known as Scattered Spider, who specialise in the use of social engineering techniques. One such method used by Scattered Spider is a technique named ‘MFA fatigue’, which explains why they are a uniquely dangerous group.
In an MFA fatigue attack, an attacker floods a user with MFA authentication requests until the user finally authorises one, either out of confusion or exasperation. At that point, the attacker can then bypass even the strongest defences.
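From a defender's side, the pattern described above is visible in authentication logs as a burst of unapproved push prompts, sometimes ending in an approval. The following detection sketch is an added example, not part of the original article; the event fields, sample data, window and threshold are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def _t(hhmm):
    # Helper for the constructed sample data below (arbitrary date).
    return datetime.fromisoformat(f"2025-01-01T{hhmm}:00")

# Constructed sample push-MFA events: (time, user, result). Not real log data.
SAMPLE_EVENTS = [
    (_t("09:00"), "alice", "denied"),
    (_t("09:01"), "alice", "timeout"),
    (_t("09:01"), "bob", "denied"),
    (_t("09:02"), "alice", "denied"),
    (_t("09:03"), "alice", "timeout"),
    (_t("09:04"), "alice", "denied"),
    (_t("09:05"), "alice", "timeout"),
    (_t("09:06"), "alice", "approved"),   # approval at the end of a burst
    (_t("09:40"), "bob", "timeout"),
    (_t("09:41"), "bob", "approved"),     # ordinary retry, no burst
    (_t("10:00"), "carol", "timeout"),
    (_t("10:02"), "carol", "timeout"),
    (_t("10:04"), "carol", "timeout"),
    (_t("10:06"), "carol", "timeout"),
    (_t("10:08"), "carol", "timeout"),    # burst, never approved
]

def detect_mfa_fatigue(events, window=timedelta(minutes=10), threshold=5):
    """Flag users with >= threshold unapproved prompts inside a sliding window,
    and record whether an approval arrived while the burst was still active."""
    recent = defaultdict(deque)   # user -> times of recent unapproved prompts
    alerts = {}
    for ts, user, result in sorted(events):
        q = recent[user]
        while q and ts - q[0] > window:   # drop prompts older than the window
            q.popleft()
        if result in ("denied", "timeout"):
            q.append(ts)
        if len(q) >= threshold:
            alert = alerts.setdefault(
                user, {"max_burst": 0, "approved_after_burst": False})
            alert["max_burst"] = max(alert["max_burst"], len(q))
            if result == "approved":      # highest priority: user gave in
                alert["approved_after_burst"] = True
        if result == "approved":
            q.clear()                     # a new burst starts from zero
    return alerts
```

An alert with `approved_after_burst` set is the case to triage first, since it means a prompt was accepted in the middle of a flood; a burst without approval still warrants a password reset and a check on where the prompts originated.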
In expert comment, Rex Booth, who is CISO at SailPoint, said: “Scattered Spider is a loosely affiliated group of cyber criminals based primarily in English-speaking countries. They’re responsible for numerous high-profile attacks, including the MGM/Caesars compromise in 2023 which netted them a $15million ransom payment.
“They’re uniquely dangerous because much of the West is accustomed to this image of cyber criminals from Eastern Europe and Asia. Because most of Scattered Spider are native English speakers, they’re able to execute social engineering attacks without raising concerns as readily. It makes them very effective at exploiting the human side of cybersecurity,” Booth concludes.
Cyber attacks have cost UK businesses an estimated £44m in lost revenue over the past five years with over 50% of UK firms experiencing at least one attack during that period.
Insurance Business | FT | The Times | City AM | Prolific North | Business Live
Image: Ideogram