British retail giant Marks & Spencer (M&S) has formally ended its long-standing IT service desk contract with Tata Consultancy Services (TCS). This comes after a horrific event that shook the company earlier this year. The Scattered Spider hacking group is claimed to have orchestrated the attack, which destroyed M&S’s digital infrastructure, suspended online operations, and cost the corporation an estimated £300 million in lost sales.
The attack ruined the company’s supply chain, made it stop offering online shopping, and led stores all over the UK to run out of stock. The event also affected M&S’s reputation for being reliable and trustworthy, which are two of the most significant components of its 100-year-old retail legacy.
For more than ten years, M&S worked with TCS, an Indian IT giant, to gain help with technology. The collaboration was renewed in 2023 as part of a huge effort to make the retailer’s supply chain and store operations more digital.
But sources who operate in the industry indicated that M&S discontinued its helpdesk contract in July 2025, just a few months after the well-known cyberattack. M&S maintains that the change to the contract was part of a planned competitive tender process that began in January, but the timing has received a lot of attention.
What occurred is clear: there was a huge cyber-attack, and then an important outsourcing agreement fell down.
Also Read// Trump Shocks Crypto World: Pardons Binance Founder Changpeng Zhao After Money Laundering Case
M&S made public a “cyber incident” in late April 2025 that stopped online shopping and placed some of its click-and-collect services on hold. This was the beginning of the breach. Soon, the shelves were empty, and there were reports that hackers had used a vendor access point instead of entering into M&S’s own systems.
Investigations found that the hackers, Scattered Spider, broke into M&S’s systems by claiming to be employees and going after TCS helpdesk staff. The hackers utilized advanced social engineering techniques to trick TCS workers into giving them their login information and changing their internal passwords.
The hackers utilized a program called Dragon Force, which is a type of ransomware-as-a-service, to encrypt M&S’s systems and steal crucial data at the same time. They demanded money not only to unlock the data, but also to keep the stolen information from getting out.
Later, Stuart Machin, the CEO of M&S, told MPs that the intrusion was “sophisticated impersonation through a third party,” which showed that it came from vendor systems.
The effect was awful. The attack screwed up online orders, made payments late, and made it tougher for shops to keep track of their inventories. For weeks, millions of customers couldn’t place or get orders. M&S told people how dangerous phishing is when it comes to stolen customer data.
The store’s operating profit dropped by £300 million, and experts say its market worth dropped by more than £1 billion. Experts in the area stated it was one of the worst cyber attacks on UK retail ever.
The event also illustrated how one compromised vendor channel can start a big chain reaction that affects businesses all around the world. This is a clear sign that any security gaps in the supply chain might put the whole ecosystem in danger.
Suggested News/// New Hyundai Venue facelift vs Old Venue: Dimensions, features, design and more compared
Tata Consultancy Services, which is based in Mumbai and is one of India’s major IT companies, has always stated that its systems were never hacked. A TCS spokesperson indicated that the company “does not provide cybersecurity services to M&S” and that another vendor handled those tasks.
TCS said, “The bid for the M&S helpdesk contract began several months before the event.” “We still work with M&S on a lot of important projects and value this long-term relationship.”
Some of the prominent firms TCS works with are Jaguar Land Rover, British Airways, Boots, Diageo, Aviva, Deutsche Bank, Indian Bank, and the British Council. This organization has a high reputation, but the incident has made clients more anxious about how to deal with vendor risk and share responsibility when IT work is done by someone else.
People now think the M&S hack is a great example of how attackers may break into intricate vendor networks. There are more ways for attackers to get into the system when there are a lot of third-party contractors with varied levels of access.
For a long time, cybersecurity experts have said that helpdesk operations are ideal targets for social engineering attacks. People who update their passwords or verify their identities usually follow rules that attackers can use to act like real employees.
The M&S–TCS example has a lot to offer both IT service providers and stores. Access to a vendor is an area of attack.
Every partner who can get into your system makes your business more at risk. Security rules must be followed not just inside the organization but also across the overall ecosystem.
People making mistakes is still the weakest link.
No matter how good the firewalls and endpoint protection are, a well-written impersonation email can still trick an employee.
People will believe you more if you are honest.
To keep your reputation, you need to be honest with customers, investors, and the police after a breach. Just because you outsource doesn’t mean you stop being responsible.
The client company is still formally and publicly responsible for the work that is outsourced. Audits of vendors should be part of cyber preparation.
People who work at third-party help desks and are in charge of setting access limits and resetting systems should also be trained and inspected on a regular basis.
The news reported that M&S had “dropped” TCS; however, the reality is more intriguing. This case clarifies the necessity for businesses to consider both safety and hiring simultaneously.
M&S implemented modifications to its IT operations subsequent to the breach in order to restore user confidence and modernize its online systems. For TCS and other big outsourcing firms, this should teach them that a client’s strength is just as important as a vendor’s image, and that any weakness that is seen as weak can hurt business all over the world.
The Marks & Spencer–TCS case isn’t just a breach of contract; it’s also a lesson for all businesses that do business online these days. It’s harder for clients and suppliers to agree on who is responsible for what as cyber threats grow.
This isn’t just about losing money or data; it’s also about how trust, responsibility, and the fact that people are weak are now the most important parts of cybersecurity.
Many people were touched by Humane Sagar's voice, which had a big effect on Odia…
Ujjain is once again in the spotlight as the family of Madhya Pradesh Chief Minister…
The northeast monsoon has gotten stronger in Tamil Nadu, causing heavy rain, high winds, and…
Gold and silver prices witnessed sharp movements on Friday, November 14, as global uncertainty over the…
After a blockbuster theatrical run, the romantic comedy ‘Dude’ is now ready to make its…
Apple’s latest product launch has turned into a viral talking point — and not for the…
This website uses cookies.
View Comments
It’s easy to get lost in chasing losses – responsible gambling is key. Tools like the creative outlet in Sprunki Game can be a healthy distraction. Plus, instant access on any device is convenient! Remember to set limits.