TCS conducting internal inquiry into M&S breach, claims report

Tata Consultancy Services (TCS) is investigating whether it served as the point of entry for a devastating cyberattack on British retailer Marks & Spencer (M&S), according to The Financial Times. The breach, which hit during the Easter weekend, led to customer data theft and forced M&S to shutter its online clothing operations for more than three weeks—resulting in massive financial and reputational fallout.

M&S lost over £750 million (₹8,295 crore) in market value and could face an operating profit loss of up to £300 million (₹3,318 crore). Online services are expected to remain disrupted until July. The UK police are also conducting a parallel probe into the incident.

TCS, M&S’s primary technology partner since the early 2010s, is aiming to conclude its internal investigation by the end of May, according to the FT report. The Indian IT giant has not publicly confirmed whether its systems were compromised, but a source at M&S was quoted as telling Reuters that the attackers gained access using login credentials from at least two TCS employees.

BT could not independently verify the claims made in the report.

M&S CEO Stuart Machin, in his first public remarks on the breach, attributed it to “human error” at a third-party contractor, rather than a breakdown in M&S’s internal systems. “Staff at a third-party contractor were tricked,” Machin said, stopping short of naming TCS or commenting on ransom payments.

This isn’t an isolated case. Other major UK retailers, including Harrods and the Co-op, have also been targeted in recent cyberattacks. The Co-op, a TCS client since 2009, reportedly thwarted the attack before major damage occurred. TCS, however, is not investigating any role in the Co-op breach, citing that its services there do not involve IT infrastructure.