M&S Cyberattack Traced to Third-Party Breach, Online Sales Disrupted Until July

/in /tarafından

Marks & Spencer (M&S) confirmed on Wednesday that a recent cyberattack which disrupted its operations originated from a security breach at a third-party contractor, not from within its own IT systems. The attack, first disclosed on April 22, will continue to impact the British retailer’s operations for several more weeks, including a halt to online sales expected to last until July.

In a briefing with reporters, CEO Stuart Machin said hackers used social engineering tactics to infiltrate a contractor’s network, bypassing M&S’s internal digital defences.

“Unable to get into our systems by breaking through our digital defences, the attackers did try another route… entering through a third party rather than a system weakness,” Machin explained.
“Once access was gained, they used highly sophisticated techniques as part of the attack.”

Involvement of Tata Consultancy Services

M&S holds a long-standing IT contract with Tata Consultancy Services (TCS), and a source familiar with the investigation told Reuters that TCS may have been the access point exploited in the breach. TCS declined to comment, and Machin did not confirm whether TCS was the contractor in question.

Timeline and Response

Suspicious activity was first detected over the Easter weekend (April 19–20). According to Machin, the time from breach to detection was relatively short, particularly compared to the industry average of 10 days or more.
Immediately after discovering the breach, M&S involved cybersecurity experts, law enforcement, and government agencies.

So far, 600 systems have been scanned, and the process of gradually bringing them back online is underway.

Online Sales and Business Impact

M&S’s online retail operations remain suspended, and the company does not expect full functionality to resume before July. The company has not disclosed whether a ransom demand was issued, citing official advice.

The UK’s National Crime Agency is investigating the attack, reportedly focusing on a group of young, English-speaking hackers.

Despite having boosted its tech spending threefold over the past three years, Machin stressed that no organization is immune to cyber threats.

M&S generates nearly £14 billion ($19 billion) in annual sales, and the breach marks a major disruption for one of Britain’s most recognized retail brands.

Only 8% of Italian Firms Use AI as Digital Skills Lag Behind EU Peers, Says ISTAT

/in /tarafından

Italy remains significantly behind its European peers in the adoption of artificial intelligence (AI) and digital skills, according to the annual report released Wednesday by ISTAT, the country’s national statistics bureau.

Only 8% of Italian enterprises were using AI in 2023 — a far lower share than in other major EU economies. By comparison, nearly 20% of German businesses use AI tools, with higher adoption rates also recorded in France and Spain.

ISTAT’s findings point to a broader challenge for Italy: insufficient digital literacy among its population. In 2023, only 45.8% of Italians aged 16 to 74 possessed at least basic digital skills — well below the EU average of 55.5% and far from the bloc’s 2030 target of 80%. The figure drops even further to 36.1% in the Mezzogiorno, Italy’s economically disadvantaged southern regions, including Sicily and Sardinia.

Brain Drain and Economic Concerns

ISTAT also highlighted the ongoing “brain drain” affecting Italy’s younger population. In 2023 alone, 21,000 graduates aged 25–34 left the country, marking a 21.2% increase compared to the previous year. Over the past decade, Italy has experienced a net loss of 97,000 qualified young workers, exacerbating demographic and labor challenges.

This trend poses long-term risks to Italy’s innovation capacity and productivity, particularly as the country struggles with low growth and aging demographics.

Economic Forecast

Amid mounting external pressures, including U.S. trade tariffs, the government of Prime Minister Giorgia Meloni last month slashed its 2025 growth forecast from 1.2% to 0.6%. Preliminary data showed the Italian economy grew by 0.3% in the first quarter of 2025 compared to the previous quarter.

Outlook

Italy’s sluggish digital transformation threatens its competitiveness in a rapidly evolving EU market that is increasingly driven by AI integration, digital skills, and tech innovation. The report underscores an urgent need for targeted policies to:

  • Boost digital education,

  • Incentivize AI adoption among small and medium-sized enterprises,

  • Retain young talent by fostering innovation-friendly environments.

Without such reforms, Italy risks falling further behind in the digital economy of the future.

Unexplained Electronic Components Found in Denmark’s Energy Equipment Imports, Investigation Underway

/in /tarafından

Unidentified electronic components have been discovered in imported energy infrastructure equipment in Denmark, raising concerns over potential security vulnerabilities in the country’s critical power systems, according to industry group Green Power Denmark.

The components were found during a routine inspection of printed circuit boards intended for use in Denmark’s energy supply network. The discovery has prompted an internal investigation to assess the nature and intent behind the components’ inclusion.

“We don’t know how critical it is or whether there are bad intentions behind it,” said Jorgen Christensen, technical director at Green Power Denmark, in a statement to Reuters. “But these components should not be present in infrastructure equipment.”

Christensen did not disclose the origin of the equipment, the specific technology it was intended for (such as solar power systems), or which parties are conducting the investigation.

The Danish Ministry for Preparedness and Resilience declined to comment on the situation, and no responses were received from the Justice Ministry, Energy Ministry, or national intelligence services regarding whether a formal government-led inquiry had been initiated.

The incident comes at a time of heightened international attention on supply chain risks and cybersecurity threats to critical infrastructure, including power grids and renewable energy assets.

“This is highly concerning. It is important that an investigation is underway,” said Walburga Hemetsberger, CEO of SolarPower Europe, who emphasized the broader implications for the continent’s energy security.

Christensen noted that while the components could have been included for benign reasons — such as being part of a multi-purpose circuit board design — their unexplained presence in systems designated for energy infrastructure is unacceptable.

“It’s possible the supplier had no malicious intent. We can’t say at this point, but that doesn’t change the fact that these components shouldn’t be there,” he said.

The development follows a separate report by Reuters last week, which revealed that U.S. energy officials had found unauthorized communication devices in Chinese-made solar inverters and batteries, capable of bypassing cybersecurity firewalls and threatening grid stability.

The Danish case, first reported by local media outlet Berlingske, adds to growing scrutiny of imported technologies used in national infrastructure projects, particularly from unknown or sensitive origin sources.