Global technology giant TCS is conducting a high-stakes internal investigation into the devastating cyberattack on British retailer Marks & Spencer, which occurred during Easter weekend 2025 and wiped more than £750 million off the company’s market value.
The probe, expected to conclude by the end of May 2025, aims to determine whether TCS served as the entry point for hackers who infiltrated M&S’s systems, forcing the retailer to shut down its online clothing operations for more than three weeks.
The incident has cast a shadow over the decade-long partnership between M&S and TCS, which began in the early 2010s and expanded considerably in 2018 when M&S named TCS its “principal technology partner.”
M&S’s strategic alliance with TCS faces uncertainty following a major breach, testing the strength of their crucial technology partnership.
According to sources familiar with the investigation, at least two TCS employees’ M&S login credentials were compromised during the breach, as M&S CEO Stuart Machin attributed the attack to “human error” at a third-party contractor. Staff members were reportedly tricked by attackers into providing access to sensitive systems.
The cyberattack’s timing during the busy Easter weekend proved particularly damaging for M&S, resulting in projected operating profit losses of up to £300 million.
The security breach has impacted operations in India, where M&S operates over 100 stores through its joint venture with Reliance Retail.
Digital services are expected to remain disrupted until July 2025, with customer data reportedly stolen during the breach. The incident has sparked broader concerns about the vulnerabilities associated with IT outsourcing and supply chain management.
The attack on M&S is not an isolated incident in the UK retail sector, as other major retailers including Harrods and Co-op have similarly faced recent cybersecurity threats.
Importantly, Co-op, another long-term TCS client since 2009, successfully thwarted a similar attack attempt.
UK police are conducting a parallel investigation into the M&S breach, examining potential flaws in the retailer’s internal systems and the broader implications for industry security practices.
Although TCS has not publicly confirmed whether its systems were compromised, the incident has highlighted the complex challenges of managing cybersecurity risks in extensive technological partnerships.
The investigation’s findings could have considerable implications for both companies and the wider IT outsourcing industry, as experts estimate data breach costs now average $4.35 million per incident.
