Cyber Security
Marks & Spencer And Hertz Affected By The Latest Bout Of Cyber Incidents
Updated on Wed, Apr 23, 2025
Share
UPDATES:
April 28: Marks & Spencer told some of its agency staff working at its central England (Castle Donington) distribution center not to come in to work on Monday (April 28, 2025) following the closure of online orders (announced on April 25), according to reports.
This directive affected around 200 employees.
A spokesperson for the company said they had no further updates, following the April 25 one.
— —
In the latest bout of cyberattacks on businesses, two major global brands were hit: British multinational corporation Marks & Spencer and American car rental company Hertz.
So, how were these two companies affected, and what does it mean for their customers? Let’s dive in.
Marks & Spencer is a brand that’s known globally, selling clothing, beauty products, food items, and more.
As per a notification provided to the London Stock Exchange, Marks & Spencer revealed that it was managing a cyber incident over the past few days, going back to the date of intimation—April 22, 2025.
“As soon as we became aware of the incident, it was necessary to make some minor, temporary changes to our store operations to protect customers and the business, and we are sorry for any inconvenience experienced,” read an excerpt from the notification. “Importantly, our stores remain open and our website and app are operating as normal.”
To tackle the issue, the company said it partnered with external cybersecurity experts to help investigate and manage the incident and will take more actions to enhance the protection of its network and ensure it can maintain customer service.
Furthermore, the company also reported the incident to the relevant data protection supervisory authorities and the National Cyber Security Centre.
The company didn’t mention when the incident took place or what kind of attack it was, but it resulted in minor, temporary changes being made to protect customers and the business. While M&S said its stores remained open and its website and app functioned normally, it’s reported that its Click & Collect orders were affected.
“Customer trust is incredibly important to us, and if the situation changes, an update will be provided as appropriate,” read the closing line of the notification provided to LSE.
The incident follows a recent announcement made by the company, saying it was investing more than £90 million (around $120 million) to build and improve seventeen stores and create 450 new jobs in London. This includes opening six new food halls in Clapham, Covent Garden, Fulham Broadway, Putney, New Malden, and Leytonstone, and renewing eleven stores across London.
This builds on the £30 million (around $40 million) investment made in London last year and a £50 million (around $66 million) investment in stores across the Northwest of England.
To be fair, Hertz’s cyber incident occurred due to a lapse in a third-party vendor’s security and not its own systems.
The American car rental company said through a “Notice of Data Incident” that the event involved Cleo Communications, a vendor that provides a file transfer platform that’s used by Hertz “for limited purposes.”
However, it could have impacted the personal information of Hertz customers, which includes names, contact information (email IDs and mobile numbers), date of birth, credit card information, driver’s license information, workers’ compensation claims, Social Security numbers, other government identification numbers, passport information, and Medicare or Medicaid ID.
As per the notice, bad actors exploited zero-day vulnerabilities within Cleo’s platform in October 2024 and December 2024. While Hertz confirmed on February 10, 2025, that some of its data was acquired during this hit, the company completed its data analysis on April 2, 2025.
Hertz also confirmed that Cleo has taken steps to investigate the incident and fix vulnerabilities. The company also said it reported the event to relevant authorities and “secured the services of Kroll to provide two years of identity monitoring or dark web monitoring services to potentially impacted individuals at no cost.”
As such, the company isn’t aware of any misuse of stolen data but has advised its customers to remain vigilant and report suspicious activity.
While Hertz didn’t disclose who they thought was responsible for the attack, experts are pointing fingers at the Russian ransomware gang Clop.
On April 16, 2025, Hertz, which possesses over half a million vehicles around the globe, announced a partnership with UVeye, a leader in AI-driven vehicle inspection systems, to transform its vehicle maintenance process by introducing advanced AI inspection to its U.S. operations.
What more do you think businesses can do to protect their systems from cyberattacks? Do you think governments around the world need to make more efforts to get rid of cybercriminals?
Let us know in the comments below!
April 28: Marks & Spencer told some of its agency staff working at its central England (Castle Donington) distribution center not to come in to work on Monday (April 28, 2025) following the closure of online orders (announced on April 25), according to reports.
This directive affected around 200 employees.
A spokesperson for the company said they had no further updates, following the April 25 one.
— —
April 25: Keeping customers and stakeholders informed, Marks and Spencer published another news release (April 25, 2025) conveying that they’ve decided to pause taking orders via their websites and apps, as part of their proactive management of a cyber incident.
However, customers can browse the retailer’s product range online and can shop at physical stores.
“Our experienced team—supported by leading cyber experts—is working extremely hard to restart online and app shopping,” read the update.
— —
April 23: Living up to its promise of keeping customers updated about the cyber incident, Marks & Spencer (M&S) published a news release on April 23, 2025, saying that the retailer isn’t currently processing contactless payments, has paused the collection of Click & Collect orders in stores, and there could be delays to online order delivery times.
As the company continues working hard to restore services and minimize disruptions, it has also made the decision to take some processes offline “to protect our colleagues, partners, suppliers and our business.”
— — — —
As our ever-evolving digitalized world throws up new products, services, and technologies, it also attracts a wide range of cyber threats that are also continuously transforming.
Every now and then, there are reports of yet another business, organization, or government agency that’s at the receiving end of a cyber incident, usually one that troubles innocent customers or even the general public as much as the affected institution.As our ever-evolving digitalized world throws up new products, services, and technologies, it also attracts a wide range of cyber threats that are also continuously transforming.
In the latest bout of cyberattacks on businesses, two major global brands were hit: British multinational corporation Marks & Spencer and American car rental company Hertz.
So, how were these two companies affected, and what does it mean for their customers? Let’s dive in.
Marks & Spencer Cyber Incident
Marks & Spencer is a brand that’s known globally, selling clothing, beauty products, food items, and more.
As per a notification provided to the London Stock Exchange, Marks & Spencer revealed that it was managing a cyber incident over the past few days, going back to the date of intimation—April 22, 2025.
“As soon as we became aware of the incident, it was necessary to make some minor, temporary changes to our store operations to protect customers and the business, and we are sorry for any inconvenience experienced,” read an excerpt from the notification. “Importantly, our stores remain open and our website and app are operating as normal.”
To tackle the issue, the company said it partnered with external cybersecurity experts to help investigate and manage the incident and will take more actions to enhance the protection of its network and ensure it can maintain customer service.
Furthermore, the company also reported the incident to the relevant data protection supervisory authorities and the National Cyber Security Centre.
The company didn’t mention when the incident took place or what kind of attack it was, but it resulted in minor, temporary changes being made to protect customers and the business. While M&S said its stores remained open and its website and app functioned normally, it’s reported that its Click & Collect orders were affected.
“Customer trust is incredibly important to us, and if the situation changes, an update will be provided as appropriate,” read the closing line of the notification provided to LSE.
The incident follows a recent announcement made by the company, saying it was investing more than £90 million (around $120 million) to build and improve seventeen stores and create 450 new jobs in London. This includes opening six new food halls in Clapham, Covent Garden, Fulham Broadway, Putney, New Malden, and Leytonstone, and renewing eleven stores across London.
This builds on the £30 million (around $40 million) investment made in London last year and a £50 million (around $66 million) investment in stores across the Northwest of England.
Hertz Cyber Incident
To be fair, Hertz’s cyber incident occurred due to a lapse in a third-party vendor’s security and not its own systems.
The American car rental company said through a “Notice of Data Incident” that the event involved Cleo Communications, a vendor that provides a file transfer platform that’s used by Hertz “for limited purposes.”
However, it could have impacted the personal information of Hertz customers, which includes names, contact information (email IDs and mobile numbers), date of birth, credit card information, driver’s license information, workers’ compensation claims, Social Security numbers, other government identification numbers, passport information, and Medicare or Medicaid ID.
As per the notice, bad actors exploited zero-day vulnerabilities within Cleo’s platform in October 2024 and December 2024. While Hertz confirmed on February 10, 2025, that some of its data was acquired during this hit, the company completed its data analysis on April 2, 2025.
Hertz also confirmed that Cleo has taken steps to investigate the incident and fix vulnerabilities. The company also said it reported the event to relevant authorities and “secured the services of Kroll to provide two years of identity monitoring or dark web monitoring services to potentially impacted individuals at no cost.”
As such, the company isn’t aware of any misuse of stolen data but has advised its customers to remain vigilant and report suspicious activity.
While Hertz didn’t disclose who they thought was responsible for the attack, experts are pointing fingers at the Russian ransomware gang Clop.
On April 16, 2025, Hertz, which possesses over half a million vehicles around the globe, announced a partnership with UVeye, a leader in AI-driven vehicle inspection systems, to transform its vehicle maintenance process by introducing advanced AI inspection to its U.S. operations.
What more do you think businesses can do to protect their systems from cyberattacks? Do you think governments around the world need to make more efforts to get rid of cybercriminals?
Let us know in the comments below!
First published on Wed, Apr 23, 2025
Enjoyed what you read? Great news – there’s a lot more to explore!
Dive into our content repository of the latest tech news, a diverse range of articles spanning introductory guides, product reviews, trends and more, along with engaging interviews, up-to-date AI blogs and hilarious tech memes!
Also explore our collection of branded insights via informative white papers, enlightening case studies, in-depth reports, educational videos and exciting events and webinars from leading global brands.
Head to the TechDogs homepage to Know Your World of technology today!
Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. While we aim to provide valuable and helpful information, some content on TechDogs' site may not have been thoroughly reviewed for every detail or aspect. We encourage users to verify any information independently where necessary.
Trending TD NewsDesk
Amazon In Talks To Invest Up To $50 Billion In OpenAI
Former Google Engineer Found Guilty In AI Trade Secrets Case
OpenAI’s Sora App Struggles After Its Stellar Launch
AWS re:Invent 2025: Amazon & Google Bring Multicloud Service For Faster Connectivity
Microsoft Signs A 5-Year AI Deal With Premier League For Its 1.8 Billion Fans
Join Our Newsletter
Get weekly news, engaging articles, and career tips-all free!
By subscribing to our newsletter, you're cool with our terms and conditions and agree to our Privacy Policy.
Join The Discussion