Hackers who attacked Marks & Spencer and the Co-op duped IT professionals into giving them access to their companies’ networks, according to a report.
The “social engineering” attack on the Co-op allowed fraudsters to reset an employee’s password before infiltrating the network, and a similar method was employed against M&S, insiders told BleepingComputer.
Hundreds of agency workers at Marks & Spencer were advised not to come to work as the retailer grappled with the aftermath of a hack that cost the business £650 million in a matter of days.
The disruption started in April when click-and-collect orders and contactless payments were impacted. Stuart Machin, the CEO of M&S, confirmed the issue in a message to customers, stating that the retailer would be making “minor, temporary changes” to in-store operations while it dealt with the ongoing “cyber incident.”
In order to counter the “social engineering” tactic employed by the hackers
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: