CyberSecurityBoard
Sponsor Register Login

British retailer M&S reportedly set to claim £100 million from insurers after cyberattack | The Record from Recorded Future News

As first reported by the Financial Times newspaper, the attack driving the insurance claim may have cost M&S more than £60 million (about $79.7 million) to date based just on the loss of its daily online sales. Although the estimate can’t account for seasonality or the true impact the incident has had on the company’s sales, assuming a 25% drop over the 24 days since Easter Sunday, M&S could have lost more than £76 million ($101 million) in gross profit. “Cyber insurance policies don’t just cover the costs of bringing in incident responders or third-party liabilities, but also the policy holder’s loss of gross profit due to an insured event,” explained Craig Dunn, the head of underwriting at insurance and cybersecurity firm Stoïk. Assuming stores are open 357 days a year — excluding the eight bank holidays in the United Kingdom — Dunn estimated daily gross profit at about £12.8 million (more than $17 million). Marks & Spencer (M&S) may reportedly file an insurance claim of up to £100 million ($133 million) as a result of last month’s cyberattack — a testament to the dramatic disruption an incident can have. If the incidents are ransomware attacks, both the British and the U.S.governments have been outspoken in their desires that the insurance industry does not fund any extortion payments, although doing so is not illegal. “What is surprising here is typically insurers will want companies of M&S’ size to have tested business continuity plans that cover events like ransomware attacks,” Dunn said. “This attack — and attacks on others in the retail sector leaving remote conurbations without access to food — and recent attacks on critical health organisations, shines a bright light on the need for government policies to robustly focus on preventative, not reactive, measures,” he said. All three attacks have been claimed by the DragonForce ransomware group, but such groups are known to make false claims and there has been no independent confirmation of the nature of the attacks.

This Cyber News was published on therecord.media. Publication date: Wed, 14 May 2025 15:45:06 +0000


Cyber News related to British retailer M&S reportedly set to claim £100 million from insurers after cyberattack | The Record from Recorded Future News

CVE-2022-49069 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago
British retailer M&S reportedly set to claim £100 million from insurers after cyberattack | The Record from Recorded Future News - As first reported by the Financial Times newspaper, the attack driving the insurance claim may have cost M&S more than £60 million (about $79.7 million) to date based just on the loss of its daily online sales. Although the estimate can’t ...
1 month ago Therecord.media Dragonforce
CVE-2021-36845 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions < 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. ...
3 years ago
Why CISOs Need to Make Cyber Insurers Their Partners - Organizations may perceive the lengthy and involved process, paired with rising premiums, as insurance companies taking advantage of them. Insurance companies are struggling to balance soaring loss ratios that were particularly rampant a couple years ...
1 year ago Darkreading.com
Rhysida ransomware gang claims British Library cyberattack - The Rhysida ransomware gang has claimed responsibility for a cyberattack on the British Library in October, which has caused a major ongoing IT outage. Rhysida is auctioning off the data it reportedly stole from the United Kingdom's national library ...
1 year ago Bleepingcomputer.com Rhysida Medusa
Takeaways from Cisco at InsureTech Connect 2023 - InsureTech Connect 2023, the premier conference for the insurance technology industry, brought together 9,000+ innovators, leaders, and solution providers to Las Vegas in early November to explore the latest trends, technologies, and disruptions in ...
1 year ago Feedpress.me
Cyber Insights 2023: Cyberinsurance - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. In 2022, Russia invaded Ukraine with the potential for more serious and more ...
2 years ago Securityweek.com
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
1 year ago Therecord.media
British company Advanced fined £3m by privacy regulator over ransomware attack | The Record from Recorded Future News - His comments followed a series of ransomware incidents affecting the healthcare sector last year, including one in which every single household in the Scottish region of Dumfries and Galloway received a letter warning residents that their data was ...
2 months ago Therecord.media LockBit
Avoid high cyber insurance costs by improving Active Directory security - Insurance broker and risk advisor Marsh revealed that US cyber insurance premiums rose by an average of 11% in the first quarter of 2023, and Delinea reported that 67% of survey respondents said their cyber insurance costs increased between 50% and ...
1 year ago Bleepingcomputer.com
M&S warehouse workers told not to come to work following cyberattack | The Record from Recorded Future News - It follows the company — which has more than 1,400 stores worldwide and made a profit before tax last year of £672 million ($896 million) — announcing on Friday that it was pausing all online shopping three days after it initially announced it ...
1 month ago Therecord.media
Ransomware takes British Library goes offline - When the British Library was infected with ransomware, few could have predicted how damaging the attack would be. A month later, the Library's IT systems are still offline - and now hackers are threatening to sell stolen personal data too. On 31st ...
1 year ago Pandasecurity.com Rhysida
Cybersecurity Industry Gains $1.7 Billion to Develop Cutting-Edge Protection Technologies - As digital threats grow in sophistication, the cybersecurity sector has ignited a funding frenzy, with startups raising $1.7 billion in April 2025 alone ahead of the RSA Conference in San Francisco. As banks and fintechs face a 40% spike in ...
1 month ago Cybersecuritynews.com
British Library avoids investigation over ransomware attack, praised again for response | The Record from Recorded Future News - In particular, the U.K.’s National Cyber Security Centre said the British Library “should be applauded” for refusing to pay an extortion fee, and particularly praised the institution for detailing its recovery process in an 18-page incident ...
1 month ago Therecord.media
Malware Takedowns Show Progress, But Fight Against Cybercrime Not Over - Takedown of malware infrastructure by law enforcement has proven to have an impact, albeit limited, on cybercriminal activity, according to threat intelligence provider Recorded Future. The Emotet takedown, led by Europol and Eurojust in 2021. The ...
1 year ago Infosecurity-magazine.com
Marks & Spencer confirms customer data stolen in cyberattack | The Record from Recorded Future News - M&S online customers are being informed today that the compromised data could include their names, home and email addresses, and phone numbers, but not “useable payment or card details, which we do not hold on our systems, and it does not ...
1 month ago Therecord.media Dragonforce
British Library: Ongoing outage caused by ransomware attack - The British Library confirmed that a ransomware attack is behind a major outage that is still affecting services across several locations. Over 11 million visitors use the library's website annually, with more than 16,000 people using its collections ...
1 year ago Bleepingcomputer.com Medusa
British retailer M&S confirms being hit by ‘cyber incident’ amid store delays | The Record from Recorded Future News - The company told the London stock exchange that it has brought in external cyber security experts to investigate and manage the incident, as well as reported it to the relevant regulators and the National Cyber Security Centre. British retailer Marks ...
1 month ago Therecord.media
UK retailer Co-op shuts down some IT systems after hack attempt - The cyberattack at Co-op comes shortly after Marks & Spencer (M&S), another well-known British multinational retailer operating 1,400 stores worldwide, announced they suffered a cyberattack. British supermarket chain Co-op shut down ...
1 month ago Bleepingcomputer.com Dragonforce Scattered Spider
Understanding Each Link of the Cyberattack Impact Chain - It's often difficult to fully appreciate the impact of a successful cyberattack. Other consequences aren't so obvious - from a loss of customer trust and potential business to stolen data that may surface as part of another cyberattack years later. ...
1 year ago Securityboulevard.com
Ace Hardware hit in cyberattack, CEO confirms The Register - Ace Hardware appears to have been the latest organization to succumb to a cyberattack, judging by its website and a message from CEO John Venhuizen. The site today warns that the retailer-owned cooperative is unable to process online orders. A memo ...
1 year ago Theregister.com
Merck settles with insurers who denied $700 million NotPetya claim - Pharmaceutical giant Merck has reportedly reached a settlement with insurers over their refusals to cover losses stemming from the NotPetya cyberattack in 2017. In early 2022, a New Jersey court ruled that the warfare exemption did not apply to the ...
1 year ago Therecord.media
Major Mexican airport confirms experts are working to address cyberattack - One of the highest-traffic airports in Mexico said it is responding to a cyberattack. The Querétaro Intercontinental Airport - about three hours from Mexico City - confirmed reports that it had been attacked by hackers, posting a notice on social ...
1 year ago Therecord.media LockBit
British Library: Finances are healthy amid cyber rebuild The Register - The British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing. Reports at the weekend suggested the ransomware recovery costs were ...
1 year ago Go.theregister.com Rhysida
British Library: Finances are healthy amid cyber rebuild The Register - The British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing. Reports at the weekend suggested the ransomware recovery costs were ...
1 year ago Packetstormsecurity.com Rhysida

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)