
Marks and Spencer Confirms Hackers Stole Customers' Personal Data; Cyber Insurance Payout To Be Worth Up To $133 Million (techcrunch.com)

(Wednesday May 14, 2025 @05:20PM (msmash) from the facing-the-music dept.)


An anonymous reader shares a report:

> U.K. retail giant Marks & Spencer has confirmed hackers [1]stole its customers' personal information during a cyberattack last month. In a brief statement with London's stock exchange on Tuesday, the retailer said an unspecified amount of customer information was taken in the data breach.
>
> The BBC, which first reported the company's filing, cited a Marks & Spencer online letter as saying that the stolen data includes customer names, dates of birth, home and email addresses, phone numbers, household information, and online order histories. The company also said it was resetting the online account passwords of its customers.

FT adds:

> Marks and Spencer [2]could claim for losses of as much as $133 million from its cyber insurers following a sustained hack where some customer data was stolen. The UK retailer's cyber policy allows it to claim up to $133 million, according to people familiar with the situation.
>
> Allianz is the first insurer on the hook for M&S's losses, the people added, and is expected to pay at least the initial $13.3 million. Cyber specialist Beazley is also among the insurers exposed to losses at the FTSE 100 retailer, according to the people familiar with the situation.



[1] https://techcrunch.com/2025/05/13/marks-spencer-confirms-customers-personal-data-was-stolen-in-hack/

[2] https://www.ft.com/content/723b6195-1ce7-4b5f-94f5-729e9152c578



133 million not just for losses (Score:3)

by Viol8 ( 599362 )

A lot of customers if their financial & personal info has been compromised could well sue. M&S is an upmarket brand and a lot of its customers are probably quite familiar with the law.

Re: (Score:2)

by AmiMoJo ( 196126 )

In the UK you would start by making a Subject Access Request under GDPR rules, to see what data they have on you, and to find out if any of it was compromised. Then you make them a settlement offer. If it includes everything mentioned in the summary you would be looking at maybe £1,500, more if there is evidence that it has been abused.

Re: (Score:2)

by VaccinesCauseAdults ( 7114361 )

Very interesting. I’m in that category, but with Sparks account and online deliveries. Do you have further information on this?

Re: (Score:2)

by VaccinesCauseAdults ( 7114361 )

* Ignore the word “but”. Typo autocomplete

Would using a cut-out like (Score:3)

by Dr_Ken ( 1163339 )

...PayPal help with this problem?

details matter (Score:3)

by johnjones ( 14274 )

there are no details

just an announcement that they will be claiming against the insurance and that they could claim £100mn (pounds not dollars) means they did not have much insurance...

frankly Americans routinely leak customer names, dates of birth, home and email addresses and phone numbers

what's actually worrying is household information, and online order histories

that's going to be hard to clean up and expose a LOT of people

JJ

Now they will know where my towel is! (Score:3)

by jfdavis668 ( 1414919 )

I'm the only one who is supposed to know.

Re: (Score:3)

by msauve ( 701917 )

May 25 is Towel Day!

A novel idea (Score:2)

by Randseed ( 132501 )

Here's a novel idea: Secure your shit.

Claiming up to $133 million (Score:2)

by 0xG ( 712423 )

Guess who is going to keep that money.

The customers whose PI was stolen?

Guess again.

Stop collecting data you don't strictly need! (Score:2)

by Murdoch5 ( 1563847 )

If you read the privacy policies / data collection policies for some platforms, you'll notice they want to collect essentially everything. I was reviewing Monday's privacy policy, and it might be the most invasive and violating policy I've read in a few years. If you want to read it, it's here: [1]https://monday.com/l/privacy/p... [monday.com].

In summary, if they can find information about you, regardless if you provided it, they will take it, analyze it, sell it, and if you argue with them or think they shouldn't, ju

[1] https://monday.com/l/privacy/privacy-policy/

Ampersand (Score:2)

by VaccinesCauseAdults ( 7114361 )

First, the correct orthography is “Marks & Spencer” not “Marks and Spencer”. For anyone that has ever been in the UK, “Marks and Spencer” just looks weird.

Second, what in the actual fuck? I’m an M&S customer. Were my details leaked? Can I reclaim some of this payout?
