Marks & Spencer chair refuses to say if retailer paid hackers after ransomware attack

The chairman of Marks & Spencer, a leading U.K. retailer, has refrained from revealing whether the company paid a ransom following a cyberattack earlier this year. During a session with lawmakers, Archie Norman stated, "We’ve said that we are not discussing any of the details of our interaction with the threat actor," while addressing inquiries about potential payments to the hacking group. He emphasized that delving into such matters could compromise the interests of law enforcement. According to Norman, no employees at Marks & Spencer had direct contact with the cybercriminals, whom he identified as the ransomware group DragonForce. In May, the retailer announced that its systems had been breached, resulting in the theft of various customer data, including names, dates of birth, and contact information. The incident not only compromised sensitive information but also severely impacted operations, leading to empty shelves and disrupting online order capabilities. Norman confirmed that the company is still engaged in recovery efforts, which are expected to continue through October or November, as they work to rectify the aftermath of the attack.